Gardaí believe force can't fall victim to same data breach as hit PSNI
Agenda Team Of Leadership Drew Missioner Meeting Brian On The Issue Subsequent Placed Photo: Lawless/pa The It Is The File Garda Of Senior A Harris Understood
Garda HQ does not believe a data breach similar to the one that has rocked the PSNI could happen in An Garda Síochána because of its security controls.
The PSNI data breach, described by Chief Constable Simon Byrne as "industrial" in its scale, saw the inadvertent release of police spreadsheets containing the surnames and first initial of its 10,000 staff, where they are based and the departments they work in.
The official file was contained on a separate tab to general information released in response to a Freedom of Information Act request. This “source data” was uploaded online for a period, before being taken down.
The secret file included details of officers working in highly sensitive areas, including terrorism investigation, surveillance and covert operations as well as intelligence. It emerged that dissident republicans gained access to much of the information.
The Police Federation of Northern Ireland said the breach could cause “incalculable damage”.
The breach follows the near-fatal shooting of Detective Chief Inspector Jim Caldwell in Co. Tyrone in February. The following month authorities increased the threat level from terrorism to severe.
The understands Garda Commissioner Drew Harris placed the issue on the agenda of a subsequent meeting of the Senior Leadership Team.
In response to queries, Garda HQ said in a statement: “Shortly after the announcement of the PSNI data breach, at a scheduled Garda Senior Leadership Team weekly meeting, a presentation was provided on the range of measures in place in An Garda Síochána to mitigate against such potential breaches.
“Before and after this meeting, An Garda Síochána is satisfied that internal processes currently provide a robust and secure method for processing data in accordance with the required legislation.”
The statement added: “An Garda Síochána is aware that no system or set of processes can fully mitigate against all risks, including human error, in respect of the management of sensitive information, including personal data.
“An Garda Síochána keeps all processes under constant review to mitigate against any potential errors.”
Under its operating systems any HR information provided in FoI replies or to the media does not contain original source material from Garda HR databases.
Any original data is extracted and converted into a separate document and summarised, meaning that the original source data is not sent to the Garda FoI unit or the data unit or Press Office, reducing any risk of inadvertent disclosure.
The Policing Authority said: "The Policing Authority has kept abreast of all developments regarding the recent PSNI data breach and while the agenda for the September meeting of the Authority with the Commissioner has not yet been finalised, it is likely that the Authority will discuss current governance arrangements and controls in place for ensuring the security of personal data in the Garda Síochána."