It was only a matter of time before we would...
See Full ArticleThe EU General Data Protection Regulation (“GDPR”) came into direct legal effect in all EU member states, including Ireland, on 25 May 2018.
The GDPR brought significant change. It replaced the previous data protection legislation in Ireland and the EU and brought with it many new requirements and obligations. It is essential for all businesses, NGO’s and public bodies to be aware of the changes as there are very significant fines and sanctions for non-compliance. Being able to demonstrate that you are in compliance by means of documented policies, procedures and training is essential.
What changed under the GDPR?
The GDPR introduced significant changes to the obligations of data controllers and data processors which will require organisations to review and redraft contracts, policies and procedures and other related documents to ensure they are in compliance with the provisions of the GDPR. It may also be necessary to prepare new policies where none currently exist.
Significant new obligations
The GDPR introduced new obligations on data controllers and data processors, including:
Increased sanctions for non-compliance
One of the most significant changes made by the GDPR is the area of sanctions for non-compliance with its provisions. The Office of the Data Protection Commissioner are now entitled to impose fines of:
Data security
Ensuring that you have appropriate governance measures relating to access and use of personal data, whether in respect of employees, consultants, marketing/PR companies or third party contractors, is now strictly regulated. It is important that you have the controls and correct contractual apportionments of risk in place. Appropriate insurance cover should also be considered, given that the GDPR introduced a new statutory civil right of action for third parties who suffer damage as a result of any infringement by you of your obligations under the GDPR.
How can Philip Lee help?
We are leading experts in the area of data protection law. We have advised private and public sector companies on the full spectrum of data protection compliance and enforcement issues. We have also acted in many of the leading data protection cases to come before the Courts. A number of our partners are CIPP/E certified (Certified International Privacy Professional – Europe). Our Data, Privacy and Technology team is ready to assist you.
It was only a matter of time before we would...
See Full ArticleIt remains to be seen whether the UK will ‘crash out’ of...
See Full ArticleFor many businesses, the international transfer of data is a critical part...
See Full ArticleAs published in The Irish Times, November 13th 2018. Did you know that...
See Full ArticleOur corporate and technology partner Eoghan Doyle alongside Eddie O'Mahony, Head of...
See Full ArticleOne of the most significant changes under the GDPR is the new...
See Full ArticleIntroduction The General Data Protection Regulations (the “GDPR”) will come into...
See Full ArticleThe EU General Data Protection Regulation (“GDPR”) will come into direct legal...
See Full ArticleIncreasingly retailers are offering to send us our receipts by...
See Full ArticleAs published in the September 2017 issue of the...
See Full ArticleIntroduction On Wednesday 26 July 2017, Cabinet agreed to set the...
See Full ArticleThe EU General Data Protection Regulation (“GDPR”) was enacted on 24 May...
See Full ArticleA key new obligation under the GDPR is the requirement that certain...
See Full ArticleThe Data Summit Dublin provides a unique opportunity...
See Full Article