Wednesday, 14 February 2018

Questions (98)

Catherine Murphy


98. Deputy Catherine Murphy asked the Tánaiste and Minister for Foreign Affairs and Trade the preparedness of his Department in the context of the incoming general data protection regulation, GDPR, EU 2016/679; if staff in his Department have undertaken or been offered specific training and-or briefing in respect of the GDPR; and if he will make a statement on the matter. [7647/18]

View answer

Written answers (Question to Foreign)

My Department commenced preparations for the General Data Protection Regulation (GDPR) in mid-2016, with the appointment of a Data Protection Officer, who holds a professional qualification in data protection. The Data Protection Officer has overseen and delivered a suite of data protection training across the Department, both at home and abroad.

At Headquarters, data protection training and GDPR information sessions were incorporated into the pre-posting training given to staff going on overseas assignments in 2017. In addition, the Data Protection Officer has provided in-depth GDPR-specific training to all staff who work in the Department’s Human Resources team in Dublin and Limerick.

My Department’s Global Irish Services (GIS) Division, which includes the Passport Service and Consular Services, holds a very significant bank of personal data. With oversight and guidance provided by the Data Protection Officer, the GIS Division established a working group in 2017 to oversee its preparations for GDPR. This includes the development of function-specific training and the development of the required compliance documentation. This work is at an advanced stage and training has commenced for staff in the Passport Service, including all temporary staff who are to be assigned during 2018.

Briefing on the implications of GDPR has been provided to a number of senior management groups within my Department and further training and ICT support tools will be rolled out in the coming weeks. “Data champions” will shortly be appointed for each Division, to be responsible for overseeing compliance with data protection requirements and for co-ordinating the completion and maintenance of the required documentation.

My Department has staff serving in over eighty locations overseas and training on data protection and the implications of the GDPR for these staff commenced on a regional basis in mid-2017. The four regions covered were Central Europe, South Eastern Europe, the Americas and Asia. Further training is envisaged this year in Africa, the Northern Baltic region and Latin America.