A&L Goodbody urges businesses to act on new EU data protection regulation

A&L Goodbody is advising businesses to begin planning for the new EU General Data Protection Regulation. Business have until May 2018 to comply with the new regulation but it will take time to implement the necessary changes.

The new regulation (also commonly referred to as the GDPR), which was adopted by the EU in April of this year, will feature substantial changes to current EU and Irish regulation which could have significant implications for all businesses which use data. With only a 19 month window before the regulation comes into force, businesses will need to start to review current policies and processes to ensure they meet the 25 May 2018 deadline and avoid potential heavy fines.

At a business seminar held recently by A&L Goodbody where Helen Dixon, Ireland's Data Protection Commissioner gave a keynote address, the firm launched a definitive guide to the changes in the new GDPR, the potential impacts on businesses and what priority actions need to be taken.

The seminar focused on some of the most significant changes to the data protection landscape for businesses seeking to comply with the new regulation including increased accountability and transparency obligations, strict security breach reporting obligations, the potential for significant administrative fines and the recovery of damages for non-financial loss. 

A&L Goodbody urges businesses to act on new EU data protection regulation

Pictured: John Whelan, Head of A&L Goodbody's International Technology and Data Protection Practice with Helen Dixon, The Data Protecion Commissioner

Speaking at today's seminar, Helen Dixon, The Data Protection Commissioner said: "Preparations for the new EU General Data Protection Regulation are well underway at the Irish Data Protection authority. As the national regulator it will be our duty to supervise compliance with the new law, which we are now actively preparing for by investing heavily in building our capacity to administer our new enforcement powers and to meet all of our GDPR responsibilities. With May 2018 fast approaching I would urge businesses that now is the time to commence their GDPR readiness activities. The Data Protection Authority will support businesses in the work they are undertaking towards that end, in particular, through publication of guidance and proactive engagement with sectoral and industry groups and representatives."

John Whelan, Partner and Head of A&L Goodbody’s International Technology and Data Protection Practice, said: "The new EU General Data Protection Regulation introduces substantial changes to data protection law and businesses should start taking steps to review and revise their policies and procedures. The combination of significant additional compliance obligations and heavy financial sanctions means data protection needs to be treated as a priority corporate governance item."

Date Published: 14 October 2016