General Data Protection Regulation

I wish to advise the Deputy that my Department has provided a number of information events on the General Data Protection Regulation (GDPR) legislation for the staff of the Department. My Department has also organised advanced training in data protection for a number of its staff. It is the intention of my Department to extend this training to other staff as the need arises.

In addition, my Department is currently assessing how best it can meet the training requirements of all of its staff in connection the GDPR, with a view to providing access to training for all staff of the Department in the near future. I cannot provide the Deputy with the details in this regard as the training is currently subject to procurement. However, I can advise that it is intended that this training will cover the essential material in the legislation and will be tailored to the Department’s circumstances. The training will be made available for all staff of the Department over the course of the next year.

Officials at my Department have also been informed by the Department of Public Expenditure and Reform that they have issued a request for tenders in relation to the award of a contract for the provision of services to deliver training for Data Protection Officers within the civil service and bodies across the public sector. The submitted tenders have been assessed and it is expected that the winning tenderer will be notified shortly.

Finally, I wish to advise the Deputy that Aegis agencies, like all data controllers, are required to implement appropriate measures to demonstrate compliance with their obligations under the GDPR and related data protection legislation. These are operational matters for the bodies concerned.