Arising from the coming into effect of the General Data Protection Regulation (GDPR) in May of this year my Department is conducting a review of its holdings of personal data and the associated arrangements for filing and processing of such material.
As required by the GDPR, a Data Protection Officer (DPO) has been appointed and among their responsibilities will be the oversight of preparations for the transition to the new regulatory regime. As the Deputy is aware my Department is already subject to existing Data Protection regulatory provisions.
While a number of staff in key areas have already been facilitated in attending training in relation to the requirements of the General Data Protection Regulation (GDPR) I am advised that a more broadly based approach to awareness raising and training will form a key element of preparations over the coming months.