New data law means ‘ongoing’ work

Businesses and organisations must realise compliance with the General Data Protection Regulation (GDPR) is ongoing and must be factored into business models, an IT expert has warned.

New data law means ‘ongoing’ work

By Pádraig Hoare

Businesses and organisations must realise compliance with the General Data Protection Regulation (GDPR) is ongoing and must be factored into business models, an IT expert has warned.

Donal Cahalane of Cork-based Republic of Work said he feared some firms and bodies could be naive enough to think their obligations towards data protection was no longer something to worry about once yesterday’s implementation deadline had passed.

The GDPR was ratified in 2016 following four years of negotiation, replacing the existing directive on data protection. Unlike an EU directive, which can be implemented over a certain time, the regulation was made law once it began yesterday, meaning penalties can be imposed from the beginning.

The regulation is designed to harmonise data privacy laws across Europe and to protect citizens’ data privacy.

It not only applies to organisations within the EU but also to firms that do business inside member states.

If companies fail to comply with the regulation, they can be fined up to 4% of annual global turnover, or €20m.

Mr Cahalane said: “Everyone has been obsessed with sorting out what needed to be done to meet yesterday’s deadline, and some think that is that. However, business processes now have to be designed with data protection in mind.

“Whether you are a one-person barbershop or a multinational, you have the same requirement. There is going to have to be a big change in the behaviour of business.”

Some small businesses reported how they lost up to 90% of their mailing list in the run-up to GDPR with users not opting in to continued communication.

Mr Cahalane said it was “likely that a big household name” would come under scrutiny in the near future in order for data protection chiefs to show they were serious about GDPR.

The GDPR does not only apply to companies and organisations within the EU, but also to those who do business or have customers in the bloc.

A number of popular websites were unavailable to EU users as soon as the GDPR was implemented, including US newspapers and television channel websites.

The Los Angeles Times, Chicago Tribune, Baltimore Sun and The New York Daily News were unavailable to visitors within the bloc, while websites belonging to the History Channel and the Lifetime Channel were also unavailable to EU users.

more courts articles

Man (25) in court charged with murdering his father and attempted murder of mother Man (25) in court charged with murdering his father and attempted murder of mother
Man appears in court charged with false imprisonment of woman in van Man appears in court charged with false imprisonment of woman in van
Man in court over alleged false imprisonment of woman Man in court over alleged false imprisonment of woman

More in this section

FILE PHOTO The Competition and Consumer Protection Commission has cleared the purchase of Goodbody Stockbrokers by AIB END Goodbody Stockbrokers fined over €1.2m by Central Bank over rules breaches
Nottingham City Centre Stock Irish staff at the Body Shop wait for wages as retailer shuts stores in the Republic
Ryanair comments on Norwegian Ryanair boss O'Leary's spat with Transport Minister over Dublin Airport escalates
IE logo
Devices


UNLIMITED ACCESS TO THE IRISH EXAMINER FOR TEAMS AND ORGANISATIONS
FIND OUT MORE

The Business Hub
Newsletter

News and analysis on business, money and jobs from Munster and beyond by our expert team of business writers.

Sign up
ie logo
Puzzles Logo

Play digital puzzles like crosswords, sudoku and a variety of word games including the popular Word Wheel

Lunchtime News
Newsletter

Keep up with the stories of the day with our lunchtime news wrap.

Sign up
Cookie Policy Privacy Policy Brand Safety FAQ Help Contact Us Terms and Conditions

© Examiner Echo Group Limited