ALLEGATIONS REGARDING DISCLOSURE OF CONFIDENTIAL INFORMATION TO INSURANCE COMPANIES: STATEMENT BY THE DATA PROTECTION COMMISSIONER, BILLY HAWKES
The Data Protection Commissioner, Billy Hawkes has today issued a comprehensive statement, by way of update, in relation to the actions which have been taken in relation to recent newspaper allegations concerning the disclosure of confidential information to insurance companies:
"I take very seriously the allegations contained in recent editions of the Sunday Tribune that confidential personal information has been provided illegally to insurance companies, in some cases via private investigators, by sources within An Garda Síochána and the Department of Social and Family Affairs. Similar allegations had been conveyed directly to my Office in the recent past. The information that I received formed the basis of a comprehensive work programme that my Office has commenced with all the relevant parties. I am pleased to say they are all treating the matter seriously.
I am particularly encouraged that the Garda Commissioner moved so quickly to appoint Assistant Commissioner Eddie Rock to investigate the allegations in relation to An Garda Síochána.I have already met with Mr Rock and his senior Garda colleagues and they have assured me of their assistance. An Garda Síochána take their responsibilities under data protection legislation seriously and we are in fact very close to finalising a Code of Practice on data protection that will operate within the force. This has been the subject of productive discussion over the last number of months.
I have also been in contact with the Department of Social and Family Affairs. The Department has assured me that the allegations of improper disclosure of personal information will be thoroughly investigated. I am also informed that, following an audit of the Department by my Office in 2006, the Department had tightened up its data security procedures and taken action against employees found to have improperly accessed client information.
I believe that the insurance sector takes its data protection responsibilities seriously but that there are areas where compliance may need to be improved. I will be meeting with representatives of the insurance industry in the coming week. My Office plans to carry out audits of a number of companies in the sector over the coming months, with a view to identifying and correcting any departure from the requirements of the Data Protection Acts. The results of these audits will influence the contents of a Code of Practice that is being developed by the Irish Insurance Federation in conjunction with my Office.
I am aware that some insurance companies use private investigators to investigate claims which they suspect are fraudulent or exaggerated. Private investigators in their activities are bound by the Data Protection Acts. I intend to work closely with the Private Security Authority on the licensing requirements that will shortly apply to this sector.
Data protection is about respecting people's rights to protection of their personal information. This remains the focus of my Office as we deal with these allegations of wrong-doing. I am determined to use the powers given to me by law to ensure that people's rights are respected by all the organisations concerned."