In effect since 25th May 2018, the general data protection regulation (GDPR) strengthens existing rights, provides for new rights and gives citizens more control over, and access to, their personal data. It modernises and unifies rules allowing businesses to reduce red tape and to benefit from greater consumer trust. GDPR is part of the EU data protection reform package, along with the data protection directive for police and criminal justice authorities.
However, this new regulation comes at a cost of a strict compliance regime. All companies that process the data of EU residents must comply with the new requirements or submit to financial penalties.
On 2nd February 2018, the Government published the Data Protection Bill 2018 to give effect to the GDPR.
'GDPR - Six Months Post Implementation - A survey of the impact of of GDPR and its effect on organisations in Ireland' by McCann FitzGerald and Mazars, published November 2018
IoD GDPR Preparedness Survey
In February 2018, we asked IoD members to take a brief survey on GDPR preparedness. Some key findings include the following:
- One third of directors surveyed are concerned with the cost of GDPR compliance.
- 28% of companies intend to spend up to €10,000 and 41% plan to spend up to €50,000 on implementing GDPR requirements.
- One-third (32%) of directors say their organisation only began preparing for the GDPR in the last three months with 12% of companies beginning preparations within the last month.
- More than half (52%) of all relevant staff have not yet received GDPR awareness training.
- Just under half (47%) say that their organisations have already recruited external advisers to assist with preparations in respect to the GDPR.