Datasec event to shine light on new EU regulations
The EU's General Data Protection Regulation (GDPR), which comes into effect early next year, will harmonise data-protection rules throughout the EU. The new regulation will replace out-of-date EU data protection regulations.
Irish businesses needs to start preparing now if they are going to be ready for this seismic shift in how consumer data is stored - the change is going to be as significant to how business is conducted in the 21st century as health and safety regulations were in the 20th century.
The GDPR is designed to increase consumer protections and will oblige companies to ask for consent to store the data, protect it carefully and destroy it comprehensively if requested.
Crucially, the new regulation doesn't just cover tech behemoths like Google, Facebook and Amazon - any company large or small that stores customer information of EU citizens is covered by the regulation. Adopting a wait-and-see approach for your business is not advisable - the GDPR introduces significant fines for non-compliance and for non-reporting of data breaches. It gives consumers a greater say over what companies are allowed to do with their data.
For instance, if your company has a significant data breach you must first notify the individuals affected, and then notify the Data Protection Commissioner within 72 hours of your organisation becoming aware of it.
If your company fails to meet the deadline it risks being fined up to €10m, or 2pc of its global annual turnover, whichever is greater. For more serious offences and continued failure to comply fines can increase to 4pc of global annual turnover or €20m, whichever is greater.
While the new regulations will ultimately provide straightforward guidance and direction to Irish companies on what they do with consumer data, they will also pose significant challenges to any person or company responsible for storing consumer data.
DataSec 2017 is Ireland's Data Protection Conference focusing on the new GDPR regime. Find out all you need to know about GDPR compliance at DataSec 2017 on May 3 in the RDS. For tickets see: https://eventgen.ie/dublin-data-sec-2017
Sunday Indo Business