In common with all other Government Departments and Agencies my Department is subject to existing Data Protection regulations.
Over the last 18 months, my Department has actively participated in meetings of the the Inter-Departmental Committee on Data Issues, the focus of which has been primarily on the implications of, and preparedness for, the EU GDPR.
In 2017, a survey of business units was conducted to ascertain the volume of personal data that is processed by my Department. While the results of this exercise show that very little personal data is processed by the Department as part of its main business, work is now underway with a view to ensuring that the Department will be best placed to apply the GDPR. In this regard, my Department is reviewing its holdings of personal data and the associated arrangements for processing and filing of such material. Training, tailored to the needs of this Department and its Offices, is being developed and managers and staff will be facilitated in attending such training over the coming weeks, initially focusing on those in relevant business units.
Finally, as required by the GDPR, the Department is appointing a dedicated Data Protection Officer (DPO) to oversee preparation for the transition to the new regulatory regime. The DPO will assist business units with their compliance with the provisions of the GDPR.