Data Protection is the safeguarding of the privacy rights of individuals in relation to the processing of their personal data. People supply information about themselves to government bodies, banks, insurance companies, medical professionals and many others in order to avail of services or satisfy obligations. For the purpose of data protection, organisations or individuals who control the contents and use of personal data are known as data controllers (e.g. North Tipperary County Council). The Data Protection Acts 1988 and 2003 confer rights on individuals as well as responsibilities on those persons processing personal data. These rights apply where the information is held:
The principal function of North Tipperary County Council is to provide a wide range of services to the people of North Tipperary under the following main headings:
In performing its functions, North Tipperary County Council is required to process significant amounts of Personal Data within the remit of the Data Protection Acts 1988 and 2003. We respect the privacy of those whose personal data we process and are aware of our obligations under the Data Protection Acts. Personal Data is defined as data relating to a living individual who is or can be identified either from the data or from the data in conjunction with other information that is in, or is likely to come into, the possession of the data controller.
North Tipperary County Council is registered as a Data Controller with the Office of the Data Protection Commissioner (Registration Number 0196/A). Particulars of our registration are available online at www.dataprotection.ie. Under the Rules of the Data Protection Acts North Tipperary County Council must:
1. Obtain and process data fairly.
2. Keep data only for one or more specified, explicit and lawful purposes.
3. Use and disclose data only in ways compatible with these purposes.
4. Keep data safe and secure.
5. Keep data accurate, complete and up-to-date.
6. Ensure that data is adequate, relevant and not excessive.
7. Retain data for no longer than is necessary for the purpose or purposes.
8. Give a copy of his/her personal data to that individual, on request.
Individuals who wish to obtain a copy of personal data in accordance with the Data Protection Acts 1988 and 2003 should apply in writing to the Data Controller Compliance Officer of North Tipperary County Council.
On making an access request any individual, about whom personal data is kept is entitled to:
In the preparation for the merger of North and South Tipperary County Councils in June 2014 information may be disclosed to South Tipperary County Council in relation to all our services and functions. This disclosure may include personal data which it is necessary to share for the purposes of the amalgamation.
Every individual about whom a data controller keeps personal information has a number of other rights under the Act, in addition to the Right of Access. These include the right to have any inaccurate information rectified or erased, to have personal data taken off a direct marketing or direct mailing list and the right to complain to the Data Protection Commissioner.
In response to an access request the Council will:
A data security breach can happen for a number of reasons which include:
The current Data Controller Compliance Officer is Rosemary Joyce, Senior Executive Officer, Corporate Support. She can be contacted on 067 44563 or by email on firstname.lastname@example.org.
The attention of all staff will be drawn to this policy through: