Central Applications Office (Register of Users)

Last updated March 2019

Does your organisation use the PPSN at present?

Yes.

If so, for what purpose?

QQI uses PPSN as the primary identifier on it's results records database. CAO Applicants presenting QQI FET qualifications provide CAO with their PPSN. CAO provides the PPSN and ID data of these applicants to QQI. QQI presents CAO with an extract from their QQI FET database based on this data. In this way QQI FE results are electronically appended to the CAO application file and this data is provided to HEIs for evaluation.

Applicants applying for the HEAR scheme and indicating possession of a Medical Card/GP visit card are required to provide relevant PPSN (own and/or parent guardian) for verification with HSE.

Applicants applying for the HEAR scheme and indicating attendance in a DEIS school are required to provide PPSN for verification with DES.

Applicants completing a HEAR form to request information from DSP must enter PPSN (own and/or parent guardian) on the form to enable DSP to retrieve relevant details of social welfare payments for supply to CAO in support of a HEAR application.

Does your Office exchange the PPS Number with any external body? If so please name the relevant bodies and state the purpose(s) of the exchange.

• Higher Education Institutions (HEIs) as explained above
• QQI for purpose above
• HSE for purpose above
• DES for purpose above

Does your organisation have any other plans involving the use of the PPS number?

It may be possible to use PPSN for verification of other indicators in the HEAR and DARE schemes further to the above.

There is a duty to ensure compliance with the principles of processing personal data which are set out in Article 5(1) and 5(2) of the GDPR. These principles are summarised as follows

• process it lawfully, fairly, and in a transparent manner
• collect it only for one or more specified, explicit and legitimate purposes, and do not otherwise use it in a way that is incompatible with those purposes
• ensure it is adequate, relevant and limited to what is necessary for the purpose it is processed
• keep it accurate and up-to-date and erase or rectify any inaccurate data without delay
• where it is kept in a way that allows you to identify who the data is about, retain it for no longer than is necessary
• keep it secure by using appropriate technical and/or organisational security measures
• be able to demonstrate your compliance with the above principles and
• respond to requests by individuals seeking to exercise their data protection rights (for example the right of access

Have you measures in place to ensure that the Public Service Identity data you hold/collect whether in electronic or written format is in line with the GDPR Principles described above?

Yes.