Today, 25 May 2017, marks the one year countdown to the introduction of the General Data Protection Regulation (the "GDPR"). As the date draws nearer, it is important that organisations consider the impact of the GDPR on their business and any issues to be addressed before May 2018.

Irish legislation is required before May 2018 to fully implement the GDPR. Draft heads of that legislation were published recently, which set out an overview of the proposed sanctions regime and information on the restructuring of the office of the Data Protection Commissioner (the "Commissioner"). The new regime will include the ability to have up to three Commissioners. There are still a lot of open questions and the detail of the new Irish regime will need to be clarified. We will continue to track developments as the draft legislation progresses and keep you updated.

Summaries and analyses of the key concepts, rights and obligations under the GDPR are listed below. Please contact us if you require any advice or assistance in navigating the challenges of GDPR planning and implementation in your business.

1. Overview

2. Internal Privacy Audits

3. Data Controller Accountability

4. Data Processor Accountability

5. Transparency Requirements – Privacy Statements
6. Consent

7. Data Protection Officers

8. Privacy Impact Assessments

9. Data Subject Rights

10. Data Portability

11. Data Breaches

12. Remedies and Sanctions

13. Impacts on Asset Management Industry

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.