Irish businesses of all sizes should be aware of and respect their data protection obligations, says the chairman of the Association of Data Protection Officers (ADPO) Fintan Swanton.
In light of the recent penalties imposed on major telecommunications firms by the courts following prosecutions by the Data Protection Commissioner, Swanton said that all businesses that store any information on its customers should have an appropriate implement a data protection plan.
“In my opinion,” said Swanton, “the chances are that the smaller the business, the slower the uptake of data protection procedures has been. For example Irish businesses who contact their customers by email, text, fax or other electronic means are in danger of incurring penalties of up to €250,000 if they do not adhere to the letter of the law. This applies to the majority of businesses in this country but many businesses are simply not aware of their legal obligations.”
Swanton said that the recent cases highlight the challenge for data controllers to constantly track asset registers, particularly where there is personal or sensitive personal data stored on assets.
“There is a further lesson to be learned here,” continued Swanton, “with current telecommunications capability and ‘all points accessibility’; there really is no excuse for organisations to have corporate or personal data stored on the hard-drive of portable equipment. Not only does it expose the data to risk, but it makes an audit or assessment of data difficult if not impossible to complete.”
The ADPO recommends that all portable equipment should be encrypted (not just password protected), and that all staff are trained to adhere to Data Protection Acts. “These incidents impact the ability of an organisation to process its client or employee data, but also leave a lasting mark on the credibility of the corporate brand, something that is both expensive and time-consuming to repair,” concluded Swanton.
We have extensive experience of Data Protection and can assist you with your needs. Get in touch with us to discuss how we might be able to help you. firstname.lastname@example.org or call +353 1 5252914