Data Protection Commissioner
Data Protection Commissioner

Data Protection Commissioner welcomes publication by An Garda Síochána of data protection audit carried out by the Office.

MEDIA RELEASE - 21/3/2014

The Data Protection Commissioner, Billy Hawkes, today welcomed the publication by An Garda Síochána of the Report of the data protection audit carried out by his Office. This comprehensive and detailed audit was carried out under the instruction of the Data Protection Commissioner on foot of concerns about some of the data handling practices within An Garda Síochána despite a previously agreed Data Protection Code of Practice with the force.


A central focus of the audit was the main IT system used by An Garda Síochána for recording data, PULSE. In his 2012 Annual Report, the Data Protection Commissioner outlined that the initial phase of the audit had uncovered inappropriate access to PULSE by members of An Garda Síochána. Assurances have been received from An Garda Síochána in relation to measures it has already taken to monitor access to PULSE.

The audit findings have highlighted areas where improvements are required. Overall, the majority of areas examined demonstrated a professional police force operating in compliance with data protection legislation.

Commenting on the welcome publication of the report, the Data Protection Commissioner stated that "This Report, as with most of our audit reports, contains a series of recommendations in relation to the processing of personal data by An Garda Síochána. I am satisfied with the response and commitments on the part of An Garda Síochána to comply with its data protection responsibilities by way of actions already taken to implement or progress already made towards implementation of the recommendations contained in the Audit Report. However, I will continue to carry out reviews of the implementation of an Action Plan being developed by An Garda Síochána"

He added, "I am particularly encouraged in relation to the approach adopted by An Garda Síochána during the comprehensive audit which was one of full transparency and openness with the Office with a view to identifying any issues where improvement was necessary and remedying those matters. I would like to acknowledge the full cooperation received throughout the process."

Full report is available at the following link http://www.garda.ie/Controller.aspx?Page=160&Lang=1


Ends
For more information, please contact:
Ciara O'Sullivan, Office of the Data Protection Commissioner at +353 (0)57 868 4800
Email: media@dataprotection.ie


Background:

The Office of the Data Protection Commissioner carried out an audit of data protection in An Garda Síochána using its statutory powers to audit organisations. The audit consisted of an examination of documentation provided by An Garda Síochána, discussions with An Garda Síochána senior management and on-site inspections at An Garda Síochána HQ in Dublin, the An Garda Síochána Vetting Unit in Thurles, the An Garda Síochána Information Services Centre (GISC) in Castlebar and a number of Garda stations.

The audit was carried out by reference to the requirements of the Data Protection Acts and the elaboration of those requirements contained in the ODPC-approved Data Protection Code of Practice for An Garda Síochána (Agreed in 2007 and published on their website