Harry Fehily of Holmes O’Malley Sexton solicitors speaking at the GDPR breakfast briefing at the Strand Hotel Picture: Oisin McHugh
PERSONAL data is the new cash and businesses who store or process it should act like banks was the message at a Limerick breakfast briefing ahead of the introduction of the new data protection laws across the EU.
More than 150 representatives from businesses and organisations across the region attended the event at the Strand Hotel which was organised by Holmes O’Malley Sexton solicitors in association with advisory, broking and solutions company Willis Towers Watson.
Adopted by the European Parliament last April, The European General Data Protection Regulation (GDPR) will take effect from May 25, next.
Under GDPR, the rights of individuals will be strengthened while srict obligations will be also placed on organisations and businesses who control or process the personal data of any EU citizen.
“GDPR is an area which has occupied me and my colleagues for the last period of time and I’m sure it will occupy the minds of a lot of people over the next number of years,” said Harry Fehily, managing partner of Holmes O’Malley Sexton which has established a dedicated unit dealing with cyber and GDPR.
While the new regulations do not come into effect until the end of May, he says it’s important that all organisations put a plan in place given the increasing importance of information and personal data in particular.
“Somebody recently described information as the new money, we are holding a currency and each of you are holding a currency and if you have cash in your business you need to protect it in your safe. In the same way you want to protect your knowledge and information – particularly information that’s not yours,” he said.
Those who attended the event were told that under GDPR the theft or loss of personal data could result in significant fines, reputational damage and litigation against organistions and companies which were in control of the data.
Seamus Carroll, head of the Data Protection Unit at the Department of Justice, says there are a number of key points to GDPR: increased transparency, more accountability and a strong emphasis on security.
“It forces everybody who holds and handles personal data to look at what personal data they have and what they are doing with it and this is at the very heart of GDPR,” he said, adding different companies will have to take different actions depending on the level and quantity of data they handle.
“It requires sitting down and looking at this and trying to figure it out and adopting the approach that you think suits your organisation,” he added.
Data Protection Commissioner, Helen Dixon has warned that companies and organisations need to be ready for GDPR.
“It is a game- changing overhaul of our current data protection laws. It will impact every type of company and organisation regardless of their size,” she said.