The EU's General Data Protection Regulation (GDPR) is coming into effect early next year to harmonise data protection rules throughout the EU.
The new regulation, which comes into effect in May 2018, will replace current data protection regulations across the EU, which are woefully out of date.
Irish businesses needs to start preparing for the new regulations now if they are going to be ready for this seismic shift in how consumer data is stored – the change is going to be as significant to how business is conducted in the 21st century as Health & Safety regulations were in the 20th century.
The GDPR is designed to increase consumer protections and will oblige of companies to ask for consent to store the data, protect it carefully and destroy it comprehensively if requested.
Crucially, the new regulation doesn't just cover tech behemoths like Google, Facebook and Amazon - any company large or small that stores customer information of an EU citizen is covered by the regulation.
Sticking your head in the sand, or adopting a 'wait and see' approach for your business is not advisable - the GDPR introduces significant fines for non-compliance and for non-reporting of data breaches, and gives consumers a greater say over what companies are allowed to do with their data.
For instance, if your company has a significant data breach you must first notify the individuals affected, and then notify the Data Protection Commissioner within 72 hours of your organisation becoming aware of it.
If your company fails to meet the deadline it risks being fined up to €10m, or 2pc of its global annual turnover, whichever is greater. Continued failure to comply and for more serious offences, fines can increase to 4pc of global annual turnover or €20m, whichever is greater.
While the new regulations will ultimately provide straightforward guidance and direction to Irish companies on what they do with consumer data and will bring to an end to the “Wild West” age of data protection, it will also provide significant challenges to anyone person or company responsible for storing consumer data.
If your preparations for the implementation of GDPR are not already well underway, the Datasec 2017 conference on 3rd of May in the RDS in Dublin is going to provide all you need to know.
The event will provide expert speakers, information and insight to help your business comply with GDPR and get the most out of the new legislation.
Click here to book your place now.