Last year the Examinations Connussion suffer a data breach involving the personal data of 64 people. Over a year later, the Irish Data Protection Commission states that it is “satisfied” with the way the State Examinations Commission (SEC) acted.
The breach, which occurred last year, affected 64 medical card holders.
The breach was first reported in August 2018 and arose after the SEC’s fees section sent an email to a number of individuals regarding their application for a medical card exemption from exam fees.
The breach did not contain any financial or personal details, but the SEC formally notified the Data Protection Commissioner about it within 72 hours of its occurrence.
The SEC told the commissioner that all those whose data was breached would be contacted with an explanation and apology, and said it had asked the individuals involved to delete the email which the commission had sent them by mistake.
The incident was determined to be a “low risk” breach following an investigation by the SEC, and a report was prepared for retention by the commission’s data protection officer.