May is approaching and the compliance with the GDPR will be a reality for all Irish business

The cost of the non-compliance with the GDPR is one of the main worries around European businesses right now. After a report showing that over half of the Irish business aren’t ready yet, the concern became a reality and now most of the companies are facing the consequences of not having their staff prepared to deal with the regulation.

Even though the GDPR just starts in May the regulation is transparent about the process involved in the case of an investigation. The Data Protection Authority monitors compliance, their work is coordinated at EU-level. Once they see a problem the company will receive a warning, the second step is a reprimand, followed by the suspension of data processing. The final phase is the fine, which is estimated at up to €20 million or 4% of global annual turnover.

Do I need a DPO or not?

The imminent arrival of the GDPR legislation has also seen a sharp rise in the amount Data Protection Officer (DPO) roles in companies. This is basically the person appointed by the company to deal with GDPR issues. The presence of a DPO is not always obligatory according to the regulation. It depends on the type and amount of data that the company collect, whether processing is your main business and if you do it in a large scale.

According to the International Association of Privacy Professionals (IAPP) more than 28000 DPO’S will be needed in Europe due to GDPR, and approximately 75000 globally. The need for DPO’s is expected to be particularly high in any data-rich industries, such as technology, but the demand is likely to permeate through the economy.

The fact is that even if your business doesn’t need a proper DPO appointed, at some point you must have a professional on your team ready to deal with the GDPR regulation. Almost all enterprises hold some data from their clients and those are becoming more and more aware of their rights and how to proceed in case of suspicion of data breach.

DPO Roles

Why training is important?

GDPR still a new topic, until it proper starts the best recommendation is to be ready and review all the process involving data. Alan Deery, New Horizons Ireland Director expects some companies being fined in 2018. ‘We have been training professionals in the GDPR area since last year, but not in enough quantity to deal with the high demand that we already can see in the market’, revels Alan.

Besides the fact that we don’t have DPO’s already prepared in the market, the proof of training can be requested by the regulator. Under the GDPR, a regulator’s investigation into a data breach or a privacy concern will include an examination of what training has been provided.

According to specialists if there is no documented evidence that the staff and contributors have been given training the investigation will be more unpleasant than it would have been otherwise. Basically, means that your company or team must have a person prepared to deal with the topics related to the new regulation, in the case of a GDPR investigation. Also, you need to get your staff trained to comply with the regulation in their daily work activities. Almost every area in the company will be somehow affected as you can see in a previous blog post:

GDPR – what each department should be asking themselves now

At New Horizons Ireland we provide a wide range of courses to qualify yourself or your team. We have upcoming dates for our GDPR courses, click here to see them.

GDPR Certifications

Other Popular GDPR courses