Burton: Social data was breached 25 times
She said that, out of 109 separate investigations since 2011, 25 breaches were identified.
However, she said no breaches were confirmed this year or last year, with nine in 2013, nine in 2012, and seven in 2011. In 62 further investigations, there were no breaches identified and that included 10 completed this year; 11 in 2014, 11 in 2013, 13 in 2012, and 19 in 2011.
Ms Burton further confirmed 22 suspected breaches: Eight in 2015, nine in 2014, and two in preceding years.
In a written Dáil reply to joint leader of the Social Democrats Roísín Shortall, the Tánaiste stated: “The department takes its responsibilities in relation to data protection very seriously.
“Every effort is made to ensure that personal customer data is used solely for business purposes and that it is not compromised in any way. The department has data protection and information security policies, standards, procedures and guidelines in place governing the use of its computer systems and customer data.
“All members of staff of the department are regularly reminded of their data protection obligations and the consequences of not adhering to policies such as loss of increment, loss of entitlement to enter promotional competitions, and dismissal.
“Staff members are required to sign annual undertakings that they have read, and will act in accordance with data protection policies and guidelines.”
The Tánaiste said a range of specific measures are in place to strengthen data protection governance and compliance within the department. She said: “A high-level working group is in place to examine, and progress, all aspects of data protection compliance in the department.
“Oversight is maintained by logging data accesses which are subject to audit. All allegations of data breaches are fully investigated and the department co-operates fully with the Office of the Data Protection Commissioner in all its investigations.”
Meanwhile, the Office of the Data Commissioner last year received 960 complaints, which were opened for investigation. This compared to 910 complaints in 2013.
In its 2014 annual report, the commissioner reported that the largest single category of complaints related to access requests, which accounted for just over half the total, reflecting public awareness regarding the right of access to data held about them.
The second largest category of complaints concerned electronic direct marketing in 2014. The office carried out 38 audits and inspections, prioritising multinational technology companies and major public-sector organisations.
The report states: “While the vast majority of complaints were resolved amicably, we made formal decisions in 27 cases, 18 of which fully upheld the complaint.”
The office last year prosecuted nine entities for 162 offences under the Data Protection Acts of 1988 and 2003, and the Privacy in Electronic Communications Regulations of 2011.
The Data Protection Commissioner’s running costs last year were €2.2m an increase from €1.96m the previous year.
The commissioner’s receipts from fees increased to €714,697 from €647,997.
CONNECT WITH US TODAY
Be the first to know the latest news and updates
