Organisation information
Data Protection in the Department of Social Protection
From Department of Social Protection
Published on
Last updated on
The Department of Social Protection is a Data Controller. The department is committed to protecting the rights and privacy of individuals in accordance with both European Union and Irish data protection legislation. The department is required to lawfully and fairly process personal data about employees, customers, suppliers and other individuals in order to achieve its mission and functions. The General Data Protection Regulation (GDPR) came into effect on 25 May 2018. The Regulation and the Data Protection Acts confer rights on individuals in relation to the privacy of their personal data as well as responsibilities on those persons holding and processing such data.
In accordance with the GDPR the department has appointed a Data Protection Officer (DPO). The DPO is supported by a fully resourced Data Protection Unit.
The department's Privacy Statement sets out what we do with your personal data and can be viewed here.
The department's Privacy Statement also gives contact details for the Data Protection Officer (DPO).
The department's Data Retention Policy sets out a corporate data retention policy for all data across all aspects of the department’s business. The Data Retention Policy can be viewed in full below.
Data Retention guidelines and procedures
Data Retention Policy - Guidelines and Procedures
This document sets out a corporate data retention policy for all data across all aspects of the Department’s business. As such it is a living document, subject to ongoing review and update.
Download link for
Download
View the file
View
To see an overview of the Department of Social Protection (DSP) data sharing arrangements with other bodies please view the document below.
Data sharing arrangements with other bodies
For most day-to-day DSP operations and service delivery business, the department is the data controller and is responsible for all aspects of how information is used. But for some of the areas where DSP works together with other organisations, we share responsibility for how your personal data is used.
Download link for
Download
View the file
View
The department takes its responsibilities in relation to data protection very seriously. Every effort is made to ensure that personal customer data is used solely for business purposes and that it is not compromised in any way. The department has data protection and information security policies, standards, procedures and guidelines in place governing the use of its computer systems and customer data.
All members of staff of the department are regularly reminded of their data protection obligations and the consequences of not adhering to policies. Failure to comply with any requirement may lead to disciplinary action under the Civil Service Disciplinary Code, which may result in sanction up to and including dismissal. Staff members are required to sign annual undertakings that they have read, and will act in accordance with, data protection policies and guidelines.
In addition each year the department runs a Data Protection Awareness Week for staff. Activities include a data protection newsletter issued to all staff; presentations to staff nationwide and posters in headquarter and local offices drawing attention to the importance of securing customers' personal data. The department has an E-learning training module on Data Protection for all staff and also a Corporate Video that all staff are required to view.
If you are concerned that an official has accessed your personal information illegally and or that your personal data may have been disclosed to a 3rd party illegally you can make a formal written complaint to:-
Data Protection Unit
Address:
Department of Social Protection, Goldsmith House, Pearse Street
, Dublin 2
Email:
The matter will be investigated by the department and you will be notified regarding the outcome of the investigation as soon as possible.
The Data Protection Commission Website offers an explanation of the rights and responsibilities under the Data Protection Acts ( www.dataprotection.ie ) and information is also available from:
Data Protection Commission
Address:
21 Fitzwilliam Square South
, Dublin 2
, D02 RD28
Email:
Phone number:
You can contact the Data Protection Commissioner's Office by email at info@dataprotection.ie or by phone at +353 578 684 800 or +353 761 104 800
This Data Protection in DSP statement was last modified in March 2019.