Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

Shutterstock/igorstevanovic

Data Protection Commission notified over 2018 breach by State Examinations Commission

The breach, which occurred last year, affected 64 medical card holders.

THE DATA PROTECTION Commission says it is “satisfied” that the State Examinations Commission (SEC) acted correctly following a data breach involving 64 people last year.

The breach was first reported in August 2018 and arose after the SEC’s fees section sent an email to a number of individuals regarding their application for a medical card exemption from exam fees.

The breach did not contain any financial or personal details, but the SEC formally notified the Data Protection Commissioner about it within 72 hours of its occurrence.

The SEC told the commissioner that all those whose data was breached would be contacted with an explanation and apology, and said it had asked the individuals involved to delete the email which the commission had sent them by mistake.

The incident was determined to be a “low risk” breach following an investigation by the SEC, and a report was prepared for retention by the commission’s data protection officer.

Some details of the breach were confirmed to TheJournal.ie by a spokeswoman for the SEC, who said that the commission had received one follow-up complaint on foot of being notified about the breach by the commission.

The spokeswoman added that the SEC advised the complainant of their right to contact the Data Protection Commissioner’s office, but said it had received no further correspondence and that the matter was now regarded as closed.

In a statement, a spokeswoman for the Data Protection Commission also confirmed that it had received a breach notification from the SEC.

“The DPC is satisfied that mitigating measures were put in place and the issue was addressed,” the spokeswoman said, adding that it had received no complaints in relation to the incident.

Readers like you are keeping these stories free for everyone...
A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

Close
7 Comments
This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
Leave a Comment
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.

    Leave a commentcancel

     
    JournalTv
    News in 60 seconds