2 5 8 I N o . 21 o f 2 0 0 9
Electronic
and
Communications
Transactions
PART VIII
PROTECTION OF CRITICAL DATA BASES
Scope of
critical
4 3 . The provisions of this Part apply to a critical database
administrator and critical databases or parts thereof.
database
protection
Identification
44.
The Minister may, by statutory instrument—
of critical
data and
critical
databases
(a) d e c l a r e c e r t a i n c l a s s e s o f i n f o r m a t i o n w h i c h is of
importance to the protection of the national security of
the Republic, or the economic and social well-being of
its citizens, to be critical data for the purposes of this
Part; and
(b) establish procedures to be followed in the identification of
critical databases for the purposes of this Part.
Registration of
critical
databases
45. ( I ) The Minister may, by statutory instrument, determine—
(a) the requirements for the registration of critical databases
with the Authority or such other body as the Minister
may specify;
(b) the procedure to be followed for the registration of critical
databases; and
(c) any other matter relating to the registration of critical
databases.
(2) The following information shall be recorded in a register
maintained for purposes of this Part:
(a) the full name, address and contact details of the critical
database administrator;
(b) the location of the critical database, including the locations
of component parts thereof, where a critical database is
not stored at a single location; and
(c) a g e n e r a l d e s c r i p t i o n of the c a t e g o r i e s or t y p e s o f
information stored in the critical database, excluding
the contents of such critical database.
(3) The information referred to in subsection (2) shall not be
recorded in a critical database if that information is likely to
prejudice—
(a) the security of the critical database; or
(b) the physical safety of a person in control of the critical
database.