A WOMAN WHO requested information about changes made to her citizen’s data file has had her request refused for the reason that the database holding the information is routinely blanked.
The woman in question initially requested a copy of her own file from the Department of Employment Affairs and Social Protection (DEASP).
Such data is held on a database known as the Single Customer View (SCV), operated and managed on behalf of DEASP by the Department of Public Expenditure and Reform.
The view depicts a person’s PPS number, their date of birth, gender, address, birthplace, and mother’s birth surname – much of the same information that is currently encrypted on the government’s controversial Public Services Card (PSC).
The database comprises information from a number of state bodies, including DEASP, the Road Safety Authority, the Revenue Commissioners, and the HSE, to name a few. Collectively, the data is known as a citizen’s Public Service Identity (PSI).
Anyone can obtain a copy of their own file by applying to the Client Identity Services section of DEASP.
Deleted
In this case, the woman was curious as to what changes may have been made to her own data – known as an audit trail (essentially a log of who had accessed her file and of whatever changes may have been made).
She requested an audit of all such changes made to her own file held under the SCV, along with the name and rank of any civil servant who may have made such a change, if any, and a copy of what her file would have looked like at a date in the recent past.
Click here to view a larger image
The department replied:
“On a fortnightly basis data on the Single Customer View system is deleted and recollected from the data providers.”
There is no archive or audit trail of previous updates.
However, this suggestion appears to contradict the information contained within DEASP’s own recently-produced document, the ‘Comprehensive Guide to SAFE Registration and the Public Services Card’.
That document stresses that:
“The Single Customer View database is stored in a secure government data centre. Access to the data is tightly controlled and restricted to specified bodies on the private Government Network.”
All data access is logged and regularly audited.
Click here to view a larger image
That document itself was published on 20 October in reaction to the Data Protection Commissioner (DPC) expressing concern in recent times over matters of transparency concerning the PSC and the SCV, with those concerns chiefly resulting from a report by the State auditor, the Office of the Comptroller and Auditor General, which determined that no business case had been put in place with regard to the rollout of the Public Services Card.
The above apparently contradictory statements, meanwhile, raise the question as to whether an approach of blanking such a database, and in doing so removing any evidence of changes that may have been made, is compliant with both existing data protection legislation, and the EU’s forthcoming General Data Protection Regulations, which will come into force in May 2018.
“The Single Customer View is a read-only, periodically updated, consolidated view of Public Service Identity data only. Essentially, it is a mechanism used to enable sharing of the PSI dataset with specified bodies. The Single Customer View is held electronically on secure systems owned by the State in a secure government data centre on the private government network in Ireland,” a DEASP spokesperson said in response to a query from TheJournal.ie regarding the matter.
The PSI data displayed is that obtained by each contributor during their most recent transaction with the customer. The basis data on the SCV system is deleted and recollected from the data providers, generally on a fortnightly basis. There is no record of previous transfers of data held.
“All accesses to the Single Customer View application are logged. Information is logged about what information was accessed, by whom, and when. This log data is retained,” they added.
Security trail
“It’s good practice to keep audit logs of access to this kind of information for the purpose of demonstrating that data is being kept securely,” said Simon McGarr of Data Compliance Europe.
It increases the chances that the department would face compensation claims and other administrative fines in the event of a data breach if they could not demonstrate their own security trail.
TheJournal.ie raised the possibility that the Single Customer View database is routinely wiped with the Office of the DPC.
A spokesperson said: “Matters relating to the security of the data held and shared amongst the bodies involved in the SCV and PSC are currently being examined by the Data Protection Commissioner.”
It’s understood that the Data Protection Commissioner submitted as many as 50 questions to DEASP in recent months with regard to issues of transparency with the Public Services Card project and the SCV database, while a full investigation is now under way to determine whether or not those initiatives demonstrate full compliance with Ireland’s data protection acts.
The spokesperson continued:
“Since 2016, the DPC has been seeking clarity and greater transparency to the public on these matters. While the (commissioner) welcomes the greater clarity certain responses bring, engagement with the department is ongoing in relation to matters covered in the guide and in recent Dáil responses to PQs (parliamentary questions) particularly as they relate to biometric data processing and governance and data issues associated with the interplay between the Public Services Card, Public Service Identity set, MyGovID, Single Customer View and Infosys.”
To examine details of the above matters further, the DPC has now commenced an investigation under Section 10 of the Irish Data Protection Acts with a view to establishing whether there is full compliance with the requirements of the Acts.
To embed this post, copy the code below on your site
have your say