Home Knowledge Irish Data Protection Commissioner Warns of GDPR Storm on the Horizon for Small Businesses

Irish Data Protection Commissioner Warns of GDPR Storm on the Horizon for Small Businesses

June 15, 2017
Partner
John O’Connor

 
On 25 May 2017 Ireland’s Data Protection Commissioner, Helen Dixon, warned that many small to medium companies in Ireland were not aware that a significant legal change will be implemented in May 2018. The Commissioner spoke at the launch of a new website called GDPRandyou.ie which aims to provide organisations with the steps they will need to undertake in order to comply with the upcoming General Data Protection Regulation (GDPR). 

The Commissioner acknowledged that the new rules will mean extra costs for businesses but clarified that they should be seen as contributing to a new European digital economy that will ensure protection for the rights of consumers. “These data protection laws are about having a sound data governance programme and policy” she stated, “but they are also about maintaining the trust of consumers and customers.”

However according to a new survey by Amárach Research, only 14% of small to medium sized firms have begun preparing for GDPR and 83% were not able to say what changes GDPR would mean for their business. “The GDPR is a game-changing overhaul of our current data protection laws,” the Commissioner warned, referring to the research; “it will impact every type of company and organisation regardless of their size and require many of them to take significant action well before 25 May 2018”.

The new website contains a twelve step guide for organisations who have not yet developed a GDPR readiness plan. The guide emphasises that a significant lead-in time is necessary to ensure all new requirements are met.

The Commissioner’s comments come the same month as the Irish Government published a preliminary draft of the Data Protection Bill 2017. This draft Bill acknowledged that there is a likelihood of ‘”resource intensive’” cases due to the large amount of multinational companies based in Ireland that fall under the Commissioner’s jurisdiction and the requirement for a one-stop-shop mechanism for data protection under the GDPR. Additionally, although not directly mentioned by the Commissioner, the complicating factor of Brexit will also likely compound the workload for the Commissioner post- May 2018. For these reasons the draft Bill states that Irish legislators will be conducting an ‘”examination’” of the need to allocate significant resources in order to tackle the ‘”anticipated additional workload arising from the GDPR’” and it is likely that this will mean more resources for the Commissioner under GDPR.

For further information, visit William Fry’s dedicated website to the GDPR, PrivacySource, which includes in-depth analysis and practical tips on preparing for the GDPR.

Contributed by: John Magee

Twitter
Follow us on Twitter @WFIDEA @WilliamFryLaw

 

Recommended Insights

See all
Article and Insights
1
Feb 2024
Responsible Business Annual Report 2023
William Fry is pleased to launch its Responsible Business Annual Report 2023.
Article and Insights
2
Feb 2024
Digital Operational Resilience Act – second batch of technical standards launched for consultation
We focus on the second batch of draft implementation measures announced by the Eur...
WF_author_blank
Partner
John O’Connor
Article and Insights
2
Feb 2024
John Delaney Documents – Supreme Court Refuses Leave to Appeal
The Supreme Court has refused leave to appeal from a decision rejecting John Delan...
WF_author_blank
Consultant
Deirdre O’Donovan
Article and Insights
24
Jan 2024
Cross-Examining Affidavit Evidence in Insolvency Cases
The High Court recently dismissed a petition seeking the winding up of a biofuel c...
WF_author_blank
Partner
Fergus Doorly
prev
next
See all