Data Protection in the Department of Employment Affairs and Social Protection


Print page

The Department is committed to protecting the rights and privacy of individuals in accordance with both European Union and Irish data protection legislation. The Department is required to lawfully & fairly process personal data about employees, customers, suppliers and other individuals in order to achieve its mission and functions.  The General Data Protection Regulation (GDPR) came into effect on 25th May 2018. The Regulation and the Data Protection Acts confer rights on individuals in relation to the privacy of their personal data as well as responsibilities on those persons holding and processing such data.

The Data Controller for the Department is the Secretary General. The area nominated to carry out the functions of the Data Controller in the Department is the Business Information Security Unit (BISU) whose contact details are given below.  In accordance with the GDPR the Department has appointed a Data Protection Officer (DPO).

The Department’s Privacy Statement sets out What We Do With Your Personal Data and can be viewed here

The Department’s Privacy Statement also gives contact details for the Data Protection Officer (DPO).

To see our Cookie Policy click here

The Department’s Data Protection Policy sets out the data protection principles of the Department. The Data Protection Policy can be viewed in full here

The Department's Responsibilities

The Department takes its responsibilities in relation to data protection very seriously. Every effort is made to ensure that personal customer data is used solely for business purposes and that it is not compromised in any way.  The Department has data protection and information security policies, standards, procedures and guidelines in place governing the use of its computer systems and customer data. 

All members of staff of the Department are regularly reminded of their data protection obligations and the consequences of not adhering to policies. Failure to comply with any requirement may lead to disciplinary action under the Civil Service Disciplinary Code, which may result in sanction up to and including dismissal. Staff members are required to sign annual undertakings that they have read, and will act in accordance with, data protection policies and guidelines.  In addition each year the Department runs a Data Protection Awareness Week for staff.  Activities include a data protection newsletter issued to all staff; presentations to staff nationwide and posters in headquarter and local offices drawing attention to the importance of securing customers’ personal data. The Department has an E-learning training module on Data Protection for all staff and also a Corporate Video that all staff are required to view.

How can I find out if somebody accessed my personal information without permission and/or passed it on to someone else?

If you are concerned that an official has accessed your personal information illegally and or that your personal data may have been disclosed to a 3rd party illegally you can make a formal written complaint to:-
Business Information Security Unit,
Department of Social Protection,
Goldsmith House,
Pearse Street,
Dublin 2.
Email: BISU@Welfare.ie
The matter will be investigated by the Department and you will be notified regarding the outcome of the investigation as soon as possible.

 

Where can I get more information about my rights under the Data Protection Acts?

The Data Protection Commissioner's Website offers an explanation of the rights and responsibilities under the Data Protection Acts (http://www.dataprotection.ie ) and information is also available from
The Data Protection Commissioner's Office
Canal House,
Station Road,
Portarlington,
Co. Laois.

You can contact the Data Protection Commissioner's Office by email info@dataprotection.ie or by phone 1890 252231.

This Data Protection in DSP statement was last modified in May 2018

 

 

Last modified:24/05/2018