Irish firms ‘not ready’ for GDPR
THREE-QUARTERS of Irish businesses say they’re not ready for next year’s General Data Protection Regulation (GDPR), according a new survey by McCann Fitzgerald and Mazars.
The new rules, which come with potential fines of up to €20m or 4pc of a company’s global turnover, are due to take effect on May 25.
However, the latest survey of Irish businesses shows “serious levels of difficulty for Irish businesses in complying” with the new regulation.
Some 95pc of businesses say that meeting the compliance requirements of the GDPR will be “challenging or extremely challenging”, an increase on sentiment last year.
The Mazars/McCann Fitzgerald research shows that 75pc believe their existing data protection and privacy notices and methods of consent “will require significant changes”, a sharp increase on the same period last year.
Almost half say that complying with the new mandatory breach notification period of 72 hours will be “very challenging” or “extremely challenging”.
Over a third of organisations have yet to appoint a data protection officer, as is required under the new regulation. This is a 6pc increase since 2016.
The Irish data protection commissioner, Helen Dixon, has warned Irish companies that she there will be no leeway or second chances for non-compliance of the new rules.
According to the survey, specific concerns around GDPR implementation include a difficulty in complying with requirements for international transfers, with 89pc expecting to find it “challenging” or “extremely challenging”.