Staff disputes fuel data complaint rise
AGGRIEVED employees facing dismissal or disciplinary proceedings have helped fuel a record rise in data access complaints to the Office of the Data Protection Commissioner.
Last year the number of complaints surged by almost 80pc, from 1,479 in 2016 to 2,642 in 2017, with access rights accounting for the largest single category (52pc). Commissioner Helen Dixon said the DPC is increasingly being called to mediate disputes between employees and employers, but denied workers were misusing Ireland’s data protection laws to go “fishing” for material.
“The best results are where we see it through to an amicable solution, if at all possible,” said Ms Dixon whose office is anticipating an immediate, “exponential increase” in the number of data protection breaches notified by companies and public bodies once new EU laws – known as the GDPR – come into effect in May.
There was a 26pc increase in the number of valid data security breaches recorded last year by the DPC, now one of the most highly-resourced national data protection authorities in the EU. At present, reporting of data breaches is voluntary. However, from May 25 reporting of breaches – not later than 72 hours after the company becomes aware of the breach – will become mandatory.
“The most significant thing around breaches, notification of breaches or any other aspects of the GDPR is that accountability lies with the organisation,” said Ms Dixon. “Boards need to be aware of GDPR and need to understand the risks to the reputation of the organisation if it fails to comply, of monetary fines, as well as the fact that individuals will have a much greater right to go to court and seek compensation where there have been contraventions.”
Ms Dixon said that organisations should see GDPR as an opportunity, adding that those who demonstrate a true commitment to data protection will be rewarded in the marketplace for their services.