Department of Agriculture, Food and the Marine (Register of Users)
- Published on: 26 February 2020
- Last updated on: 3 November 2020
- Does the department use the PPS Number at present?
- For what purpose(s)?
- Does your department exchange the PPS Number with any external body? If so please name the relevant bodies and state the purpose(s) of the exchange
- What future plans has your department for the use of the PPS Number?
- Have you measures in place to ensure that the Public Service Identity data you hold/collect whether in electronic or written format is in line with the GDPR Principles described above?
Updated: November 2019
Does the department use the PPS Number at present?
Yes.
For what purpose(s)?
The Department currently uses the PPS Number as a customer identifier across a range of schemes and systems for external customers and also internally for some staff related matters.
Bodies under the aegis of the Department
Teagasc
Teagasc use the PPS number for HR and Payroll administration purposes for those on Teagasc payrolls, and as an identifier for internal administrative systems such as the finance system. Payroll information is shared with the Revenue Commissioners.
The PPS number is used to uniquely identify students within our Education Management Systems and is used to transfer student results to Quality and Qualifications Ireland.
The PPS number is used to uniquely identify clients within our Client Information Management System and it is used as a unique identifier for students and third party advisors accessing Teagasc advisory services
Does your department exchange the PPS Number with any external body? If so please name the relevant bodies and state the purpose(s) of the exchange
The PPS Number is exchanged with the Client Identity Services section of the Department of Social Protection for validation purposes. It is also included in data supplied to the Revenue Commissioners in relation to payments information and to the Central Statistics Office for statistical purposes.
The PPS Number is also included in data supplied to the Department of Social Protection in relation to payment information provided to that Department on an annual basis.
Bodies under the aegis of the department
Teagasc
Teagasc use the PPS number during the exchange of employee, client and student related information with government departments and agencies, specifically the Department of Agriculture, Food and the Marine (DAFM), the Revenue Commissioners and Quality and Qualifications Ireland, in order to comply with legislative obligations and in its role as an agent of the DAFM.
What future plans has your department for the use of the PPS Number?
The Department intends to use the PPS Number as the main customer identifier for individual customers across the wide range of schemes and services it operates.
Bodies under the aegis of the department
Teagasc
Teagasc would like to offer online services via MyGovID and would need to exchange PPS number with the Client Identity Services section of the Department of Social Protection to facilitate this.
There is a duty to ensure compliance with the principles of processing personal data which are setout in Article 5(1) and 5(2) of the GDPR. These principles are summarized as follows:
- process it lawfully, fairly, and in a transparent manner
- collect it only for one or more speciļ¬ed, explicit and legitimate purposes, and do not otherwise use it in a way that is incompatible with those purposes
- ensure it is adequate, relevant and limited to what is necessary for the purpose it is processed
- keep it accurate and up-to-date and erase or rectify any inaccurate data without delay
- where it is kept in a way that allows you to identify who the data is about, retain it for no longer than is necessary
- keep it secure by using appropriate technical and/or organisational security measures
- be able to demonstrate your compliance with the above principles
- respond to requests by individuals seeking to exercise their data protection rights (for example the right of access
Have you measures in place to ensure that the Public Service Identity data you hold/collect whether in electronic or written format is in line with the GDPR Principles described above?
The use of the PPSN will only take place for the functions as outlined above.
Department of Agriculture, Food and the Marine has appointed a Data Protection Officer in accordance with Article 37 of the GDPR. Senior Managers are responsible for data protection within their own work areas and ensure that the principles and policies in relation to data protection are adhered to.
Data Protection breaches are reported internally to the Data Protection Unit, and when appropriate, are reported to the Data Protection Commission.
If this Department is required to share personal data with another body a written data sharing agreement is put in place to ensure data protection obligations are clear to both parties and are adhered to. Data sharing will only take place when there is a clear legal basis to do so.
All Departmental records are held safely and securely. Access to personal data and confidential data will only be made available to those staff who require it to perform their functions.
Bodies under the aegis of the Department
Teagasc
The PPS number will only be used in the manner outlined in the Teagasc response above, in order to limit the purpose for which the data was collected and to adhere to the lawfulness, fairness and transparency principle.
Teagasc have established a role for Data Protection within the organization and have appointed a Data Protection Officer in this regard. The support of legal advisors has also been retained to provide advice when required. A culture of accountability is fostered in Teagasc and Information Owners have been established for both Manual and System File Registers. Online GDPR Awareness Training has been made available to all system users and regular training reports are provided to Management in Teagasc.
A suite of policies in relation to Data Protection have been developed and are available on the internal document management system (DMS) and on the public Teagasc website. A Data Privacy Notice has been developed summarising how Teagasc protect and manage personal data including information on data subject rights, withdrawal of consent, data sharing, retention of personal data and contact details in relation to Data Protection. This summary has been made available in all client facing offices in Teagasc.
The Data Protection Officer deals with Subject Access Requests and Data Breaches. If deemed necessary, the Data Protection Officer reports the breach to the Data Protection Commission. The Data Protection Officer has worked closely with the ICT Department in Teagasc and continues to liaise with both the Head of ICT and the Security/Continuity Specialist.
If Teagasc is required to share personal data with another body, it will only take place where there is a clear lawful basis for doing so.
Information is held in a safe and secure environment and the appropriate electronic safeguards are in place.
The appropriate technical measures are implemented in Teagasc to ensure the integrity and confidentiality of data held by Teagasc. These measures include technical security, internal and external security, password protection, virus protection, firewalls and encryption.
Only staff who need to access personal data to perform their duties by virtue of the role they carry out in Teagasc do so.