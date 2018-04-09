09 Apr 2018 | 04.39 pm

Data Commissioner Helen Dixon has told Dublin Data Sec 2018 that “no organisation can afford to take the risk of not implementing the General Data Protection Regulation” that come into effect on May 25.

Dixon’s keynote speech at the data security conference focused on the new environment for Irish businesses, charities, voluntary groups and public sector organisations which the new European GDPR rules will create from that date.

“The GDPR is specifically structured to place responsibility on organisations. Sooner or later, failure to demonstrate and implement accountability will catch up with your organisation,” said Dixon.

“No organisation can afford to take the risk of not implementing (the legislation). Organisations need to have a clear system for staff, clear disciplinary action for employee misuse of data and a plan for existing staff that would have access to data.”

Minister Pat Breen (pictured) said the Data Protection Bill 2018 will provide Ireland with the robust data protection framework that is essential to realising the enormous potential that digital technologies offer to our economy and society. “We know that the GDPR brings changes and challenges for organisations and businesses of all sizes, but it is important that it is not regarded with fear,” he said.

Information security industry expert Brian Honan, chief executive of BH Consulting, told the conference that the issue was one of “transparency and accountability”, while Emerald de Leeuw of Eurocomply GDPR Software said that “data protection and innovation can coexist if it’s done properly”.

A recent survey of 350 Irish businesses found that less than half of businesses in Ireland are prepared for the new data protection regulations. Although data security is a priority at board level for over eight in ten respondents, this is not reflected in GDPR planning and preparation by Irish firms.

Under the GDPR directive, businesses or organisations can be fined up to €20m or 4% of annual global turnover, whichever is highest, for non-compliance.