May 25th 2018 is a date that every business should remember. On this date GDPR legislation became active. This legislation, which applies to all countries in the EU, relates to data protection and privacy for individual citizens in the EU and the European Economic Area.
So, what should you be doing to be fully compliant?
Under the GDPR legislation you might need to have a Data Protection Officer (DPO). This only applies to public authorities and bodies and private sector organisations that regularly and systematically monitor data subjects or process personal data as part of their core activities.
You need to be fully prepared to handle a data breach, and the Data Protection Commission states on its website:
“To facilitate decision-making and determine whether or not your organisation needs to notify the relevant supervisory authority and affected individuals, you should have a high-quality risk management process and robust breach detection, investigation and reporting processes.”
Once you are aware of a breach occurring, you have 72 hours to report it to the Data Protection Commission. All those affected have to be told as soon as possible. Breaches are only reported if the breach is repetitive or if it is likely to have a considerable impact on individuals.
The Data Protection Commission also mentions the following 4 levels of risk, which determine whether you report a data breach.
- Low Risk: The breach is unlikely to have an impact on individuals, or the impact is likely to be minimal.
- Medium Risk: The breach may have an impact on individuals, but the impact is unlikely to be substantial.
- High Risk: The breach may have a considerable impact on affected individuals.
- Severe Risk: The breach may have a critical, extensive or dangerous impact on affected individuals.
If you have all of the above in place, you will have nothing to worry about. But if you don’t, you could be liable to fines of 4% of your turnover or €20M, whichever is greater.
iPing provides managed services and IT services, and we can help provide you with an overview of your current GDPR setup and whether you are compliant. So, if you need some help with the above, please contact us or give us a call on 01 5241350.