Back to Top
Statistics Database
cso.ie as Gaeilge

 Skip navigation

Show Menu  

MOU between CSO and DCEDIY on Departmental Data

Memorandum of Understanding between the Central Statistics Office, and the Department of Children, Equality, Disability, Integration and Youth in relation to Departmental Data

Table of Contents

List of abbreviations
Definitions of Terms
Establishment of the Parties
The Role of the Parties
Context and Background
Purpose of the Memorandum of Understanding
Responsibilities of Each Party
Legal Background
Data Transfer, Security, and Storage
Joint Liaison Group
Duration and Review of the Memorandum of Understanding 

This Memorandum of Understanding is made on 21st December 2023 between The Central Statistics Office (CSO), Skehard Road, Cork, T12 X00E and The Department of Children, Equality, Disability, Integration, and Youth (DCEDIY), Block 1, Miesian Plaza, 50-58 Lower Baggot Street, Dublin 2, D02 XWI4

List of Abbreviations

ADC Administrative Data Centre
AEYSP Annual Early Years Sector Profile 
BOTP  Beneficiaries of Temporary Protection
CSO Central Statistics Office
DCEDIY  Department of Children, Equality, Disability, Integration and Youth
DPO Data Protection Officer
ECCE Early Childhood Care & Education
JLG Joint Liaison Group
MoU  Memorandum of Understanding
NCS-EYP  National Childcare Scheme - Early Years Platform

Definitions of Terms

“Act”  The Statistics Act, 1993
“2018 Act”  The Data Protection Act, 2018
“Breach”

Has the meaning assigned by Article 4(12) of the General Data Protection Regulation (GDPR)
“Controller”  Has the meaning assigned by Article 4(7) of the GDPR.
“Data” Departmental Data, held by the CSO, as received from the DCEDIY and Pobal
“Personal Data” Has the meaning assigned by Article 4(1) of the GDPR
“Processing” Has the meaning assigned by Article 4(2) of the GDPR

Establishment of the Parties

The CSO was established in 1949 and became a statutory body in 1994, under the Statistics Act, 1993 (the ‘Act’).

The DCEDIY is a Department of the Government of Ireland.

The Role of the Parties

The functions of the CSO are set out in the Act.  In particular Section 10 states that the functions of the Office are the collection, compilation, extraction, and dissemination for statistical purposes of information relating to economic, social, and general activities and conditions in the State.  The CSO has the authority to co-ordinate official statistics compiled by public authorities to ensure, in particular, adherence to statistical standards and the use of appropriate classifications and has the authority to assess the statistical potential of the records maintained by public authorities and to ensure that the potential is realised.  Furthermore, the Office has legal obligations regarding the development, production, and dissemination of European statistics under Regulation. 223/2009.

The DCEDIY deals with policy and service developments relating to a number of very important groups in society.  It seeks to co-ordinate and develop key actions across Government relating to children and young people.  It also works on issues relating to some of our most vulnerable groups, including children at risk, children in the care of the State, and other vulnerable, minority, and disadvantaged groups.  It emphasises inclusivity and support in the area of equality. It is responsible for international protection accommodation for those seeking asylum in Ireland and for disability services. The Department also deals with a range of important legacy issues from Ireland’s past.  Finally, it deals with a large range of issues that are universal to society, including early learning and are for children, prevention and early intervention services, and support and advice for parents. 

The DCEDIY has appointed Pobal as the Scheme Administrator for the Annual Early Years Sector Profile (AEYSP), Early Childhood Care & Education (ECCE), and National Childcare Early Years Platform (NCS-EYP) schemes.  Pobal, a company limited by guarantee with the registration number 194360, was established in 1992 by the Government of Ireland. 

The DCEDIY is also controller for personal data processed in connection with the provision of accommodation to Beneficiaries of Temporary Protection (BOTP) as a result of the Ukraine crisis.  This data is currently held on the Department’s ePASS database.

Context and Background 

Section 30 of the Act provides that for the purpose of assisting the Office in the exercise of its functions, the Director General of the CSO may by delivery of a notice request any public authority to provide the Office with copies of records in its charge. 

Public authorities shall comply with any such request free of charge.

Purpose of the Memorandum of Understanding

The purpose of this MoU is to clarify the roles and responsibilities of, as well as the areas of cooperation between, the CSO and the DCEDIY with regard to AEYSP, ECCE, NCS-EYP, and BOTP Accommodation Data (the ‘Data’).

This agreement is a MoU and is not intended to create binding or legal obligations on either Party.  The MoU is entered into on the understanding that it is subordinate to the relevant legislation, set out below under ‘Legal Background’, governing each Party. 

This MoU also sets out a shared understanding of the parties in relation to data protection issues that may arise and roles relating to the compilation, transfer and use of this data.  The processing of personal data of data subjects is governed by the Act, and the Data Protection Act 2018 (the ‘2018 Act’) ‘and the GDPR.

Responsibilities of Each Party 

The controller for personal data is the DCEDIY.  When the Data is transferred to the CSO, the CSO becomes the controller for the data file that it holds.  The DCEDIY remains the controller for the data file that it holds.  It follows then that it is the responsibility of the CSO to report any Breach relating to the data it holds.

In the event of a Breach relating to BOTP Accommodation Data, the CSO will inform the Data Protection Officer (DPO) of the DCEDIY.  In the event of a breach relating to AEYSP, ECCE, or NCS-EYP Data, the CSO will inform the DCEDIY and Pobal DPOs.  In such cases, the CSO will also inform the DCEDIY (and Pobal, as appropriate) via the Joint Liaison Group (JLG).  Such notifications will be made within 24 hours.  In addition, the CSO will also refer to its own breach procedures.  The DCEDIY (and Pobal) will not be held responsible for any loss, damage or injury caused as a result of such a breach.

In the event of a Breach relating to the Data, the CSO will inform the DCEDIY (and Pobal, as appropriate) through the JLG, in advance, of any decision to issue a public statement in relation to the breach.  Similarly, the DCEDIY (and Pobal, as appropriate) will inform the CSO through the JLG, in advance, of any decision to issue a public statement in relation to the breach.   

The DCEDIY (and Pobal) will not provide additional data or operational support in respect of the notification of data subjects in the event of a breach relating to CSO data.

Legal Background

Transfer and processing of the Data shall be done in accordance with the Act, 2018 Act, GDPR, European Union law, and in accordance with the CSO’s Code of Practice, in particular its protocol on data matching where one or more datasets originate from outside of the CSO.  

The transfer and processing of the data is covered by, inter alia, the following provisions:

  • Section 10(1) of the Act, concerning the functions of the CSO in the collection, compilation, extraction, and dissemination for statistical purposes of information relating to economic, social, and general activities and conditions in the State;
  • Section 10(2) of the Act, concerning the authority of the CSO as regards coordination of official statistics compiled by public authorities and in ensuring, in particular, adherence to statistical standards and the use of appropriate classifications;
  • Section 10(3) of the Act, concerning the authority of the CSO to assess the statistical potential of the records maintained by public authorities and, in conjunction with them, to ensure that this potential is realised;
  • Section 13 of the Act, concerning the statistical independence of the Director General of the CSO;
  • Sections 30 and 31 of the Act, concerning the use of the records of public authorities for statistical purposes;
  • Sections 32 and 33 of the Act, concerning the protection of information;
  • Article 6(1)(e) of the GDPR, concerning processing necessary for the exercise of official authority vested in the controller;
  • Article 9(2)(j) of the GDPR, concerning processing of special category data necessary for statistical purposes;
  • Article 89 of the GDPR, concerning safeguards and derogations relating to processing for statistical purposes;
  • Section 38 of the 2018 Act, concerning processing necessary for the exercise of official authority;
  • Section 42(1)(c) of the 2018 Act, concerning processing for statistical purposes, and;
  • Section 54(1)(c) of the 2018 Act, concerning processing of special category data necessary for statistical purposes.

Data Transfer, Security, and Storage

It is envisaged that Pobal, on behalf of the DCEDIY, will supply one copy of the AEYSP, ECCE, and NCS-EYP Data on a monthly basis; however, this may change depending on statistical needs.

It is envisaged that the DCEDIY will supply one copy of the BOTP Accommodation Data on a monthly basis; however, this may change depending on statistical needs.

Data will be retained, securely stored, and processed by the CSO in accordance with CSO and Administrative Data Centre Data Policies.  

Pobal, on behalf of the DCEDIY, and the DCEDIY itself will provide the CSO with the data in agreed formats.  Information on data formats and delivery frequency shall be provided by Pobal and the DCEDIY in respect of the data files schedule.  In accordance with CSO policies on the control of data the CSO will not copy this data onto removable media (including laptop computers) unless appropriate security provisions are in place (i.e., encryption and password access) and there is an agreed business need to do so, in which case the CSO will inform the DCEDIY and Pobal of such need via the JLG. 

Joint Liaison Group

A DCEDIY-CSO Joint Liaison Group (JLG), to include Pobal, will be convened, in accordance with the CSO’s standard Data Governance Framework.  The JLG will oversee the data sharing as agreed between the parties and summarised in this MoU.   

The Terms of Reference (ToR) for the JLG will be agreed between the DCEDIY, Pobal and the CSO. The ToR will cover, amongst other things, membership of the JLG, frequency of meetings and scope of the JLG. Changes to the ToR must be jointly agreed by both parties.

Duration and Review of the Memorandum of Understanding

This MoU will be published on the CSO website (www.cso.ie), the DCEDIY website (www.gov.ie), and the Pobal website (www.pobal.ie).

This MoU will remain in force until a new one is entered into or either the CSO or the DCEDIY revoke it.  Depending on events, this MoU may be amended, subject to the mutual agreement of the DCEDIY and the CSO. 

This MoU will be reviewed biennially by the both the DCEDIY and the CSO.  Any changes to the MoU shall only be made with the mutual agreement of the DCEDIY and CSO.

SignedSigned
Padraig Dalton Kevin McCarthy

Central Statistics Office

Pádraig Dalton

Director General

Department of Children, Equality, Disability,

Integration, and Youth

Kevin McCarthy

Secretary General
Date: 21/12/2023  Date: 09/01/2024

Contact:

Central Statistics Office
Skehard Road, Cork T12 X00E, Ireland

Tel:
(+353) 21 453 5000
E-Mail:
information@cso.ie

Links:

Careers

You can count on a rewarding career with the CSO.

Learn about our variety of roles and the benefits of working with the CSO.

Follow: