The EU General Data Protection Regulation (GDPR) provides a single, harmonised data privacy law for the European Union and became applicable from 25th May 2018 in all member states.
The GDPR is a substantial piece of legislation which imposes many obligations on all entities that process personal data of EU residents. Just stating you are compliant is not sufficient you must be able be able to evidence your compliance – Article 5 (2) “the controller shall be responsible for, and be able to demonstrate, compliance with the principles”
Briefly this means companies have to
- Be Transparent and be sure data subjects (employees and customers) are aware of how data is collected, processed and stored;
- Safeguard information and have a breach plan in place if things go wrong (72 hour notification rule)
- Facilitate subject rights
- Be able to evidence compliance to these legal and all other obligations.
Further to this the Irish Data Protection Act was signed into law on 24th May 2018 which gives effect to the regulation and changes the previous data protection framework established under the Data Protection Acts 1988 and 2003. Its provisions include establishing a new Data Protection Commission as the State’s data protection authority, transposing the law enforcement directive into national law and giving further effect to the GDPR in areas where member states have flexibility.
Creating awareness, providing transparency for staff and customers and evidencing compliance is a big challenge for all businesses – big, small, public and private.
Understanding this The Data Protection Group was formed in 2016 by experienced industry and legal professionals with the aim of assisting companies and associations as well as their members to meet these challenges.
A Finger on the Pulse of Privacy
Their structured approach to the GDPR provides a compliance framework to minimise the ongoing risks of noncompliance and enables companies to efficiently manage their continuing obligations under the GDPR.
Their services have been developed to address, inform, educate and assist business owners in this now critical area of compliance in the modern business world.
Ireland’s Privacy Experts
CEO Paul McCourtney, a Certified Data Protection Practitioner (CDPP), has built a small and dynamic team of some of Ireland’s best legal, privacy and compliance experts, many with over 30 years’ experience, to deliver comprehensive GDPR, privacy and compliance solutions to SMEs, professional bodies and enterprises throughout Ireland and Europe.
While each member of the team is a qualified Data Protection Practitioner, everyone brings expertise from a diverse range of backgrounds including law, compliance, business, IT, HR, health & safety and workforce management to name a few.
As mentioned previously the GDPR imposes an obligation on companies to not only document and safeguard information on identifiable living persons but they must also be able to evidence compliance.
GDPR.ie and the team of experienced legal and compliance staff can work with organisations and businesses to review their current practices, advise on steps to bring them to compliance and work with them to complete those tasks.
They have extensive experience working with government departments, professional bodies, medical associations, sporting bodies, large ICT companies, associations and governing bodies.
Three Steps to Complete Compliance
In three simple steps, GDPR.ie take a structured approach to GDPR that provides a compliance framework to minimise the ongoing risks of noncompliance to business owners:
- GDPR Readiness Assessment reviews an organisation’s current practices and identifies gaps in compliance.
- Remediation services including policy drafting and development of processes are deployed to bring an organisation into compliance with GDPR.
- Training courses help clients understand how GDPR applies to their organisations.
GDPR.ie can also provide ongoing support to maintain and evidence compliance.
A Growing Irish Company
Data Protection Group is expanding to meet the needs and requirements of their growing client base.
They are in the process of developing a new online platform which will be available from October 2018. This easy-to-use and cost-effective platform will offer immeasurable peace of mind to business owners throughout Ireland. This online digital platform will grow Data Protection Group’s market share and customer base in the coming 12 months.
The wide range of consultancy services, training options and products available at Data Protection Group can help SMEs, corporates, Government departments and professional bodies manage the many challenges under the GDPR. These services will also help them with upcoming new legislation such as the ePrivacy Regulation that are due to come into force in 2019.
For more information, please contact The Data Protection Group, Level 1 The Chase, Carmanhall Road, Sandyford, D. 18 Y3X2. T: (+353) 1 685 5025. E: [email protected]. W: https://www.gdpr.ie https://www.gdprtraining.ie