We use cookies to collect and analyse information on site performance and usage to improve and customise your experience, where applicable. View our Cookies Policy. Click Accept and continue to use our website or Manage to review and update your preferences.

1. Understanding obligations

Publication

The most important aspect of ‘Being Aware’ is to appoint a responsible person to drive GDPR compliance, to raise awareness of risks, to identify training requirements and to implement processes such as how to respond to data subject rights requests and data security breaches.

  • Intellectual Property & Data Protection Law

It may not be expected, nor desirable, that everyone in the firm would take responsibility for responding to a data subject rights request or data breach, but it is important that every staff member knows what these events look like so that the matter can be promptly referred internally to the appropriate person.

Awareness is an ongoing obligation and refresher training required to keep staff up to date with, and conscious of, requirements.

Checklist

  • Has a person with appropriate seniority been appointed to drive GDPR compliance in the firm?
  • Are staff aware of data protection requirements?
  • Are staff aware of the consequences of failure to comply with data protection requirements?
  • Have staff completed appropriate data protection and information security training?
  • Are your staff able to recognise and appropriate handle to a data subject access request?
  • Are your staff able to recognise and appropriate handle a data security breach?
  • Are staff trained in data protection matters?

Right column

GDPR Guidance

Browse other Law Society guidance on the General Data Protection Regulation (GDPR) through the links below.

Law Society of Ireland

Popular Resources

Quick Access

Contact

Blackhall Place, Dublin 7
+353 1 672 4800

© 2025 law society of ireland