The GDPR affects all businesses and was enacted on 25 May 2018. It has introduced substantial changes to data protection law, and businesses should ensure they have taken the necessary steps to comply with the new rules.
Contact UsBy any measure, 2018 was a historic year for data protection law with the coming into effect of the GDPR on 25 May 2018. Ireland plays an important role in the regulation and enforcement of data protection law and decisions of the Irish courts have had a disproportionate impact on European data protection jurisprudence.
TechnologyThe EDPB has published information notes on Data Transfers under the GDPR in the Event of a No-Deal Brexit, and on BCRs for Companies Which Have ICO as BCR Lead Supervisory Authority to help organisations prepare for a no-deal Brexit. The information notes build on guidance already issued by the UK ICO and Irish Data Protection Commission (discussed here). The Information Note on Data Transfe...
Commercial ContractsThe EDPB has published information notes on Data Transfers under the GDPR in the Event of a No-Deal Brexit, and on BCRs for Companies Which Have ICO as BCR Lead Supervisory Authority to help organisations prepare for a no-deal Brexit. The information notes build on guidance already issued by the UK ICO and Irish Data Protection Commission (discussed here). The Information Note on Data Tra...
Commercial ContractsThe European Data Protection Board (EDPB) has adopted an Opinion (3/2019) on the interplay between the EU Clinical Trials Regulation (536/2014) (CTR) and the GDPR, following a request from the European Commission to review its Q&A on the topic. The CTR, which is expected to enter into force in 2020, aims to harmonise the rules for conducting clinical trials throughout the EU. It does not conta...
TechnologyThe European Commission has published an infographic on compliance with and enforcement of the GDPR since from May 2018 to January 2019. The infographic reveals some interesting statistics, including: 95,180 complaints have been made to EU national data protection authorities (DPAs) by individuals who believe their rights under the GDPR have been violated. The majority of these complaints...
TechnologyData privacy is a priority for all employers but especially those with operations in more than one country. It impacts all aspects of the employment relationship and, with the increase in data transfers between businesses and across borders, employers often need to comply with multiple laws to minimize the risk of significant fines and liabilities.
EmploymentDavinia Brennan, Associate and Knowledge Lawyer at A&L Goodbody, considers what regulatory action we can expect to see from the Data Protection Commission (DPC) and the practicalities of enforcement.
TechnologyThe Data Protection Commissioner (DPC) has published her final Annual Report covering the period of 1 January 2018 to 24 May 2018. From 25 May 2018, the office of the Data Protection Commissioner ceased, and the new Data Protection Commission was created under the Data Protection Act 2018.
TechnologyOn 23 November 2018, the European Data Protection Board (EDPB) published the eagerly awaited draft Guidelines on the territorial scope of the GDPR.
TechnologyFollowing the EDPB’s Opinion last month, the Irish Data Protection Commission (DPC) has published a non-exhaustive list of processing operations requiring a Data Protection Impact Assessment (DPIA) to be carried out.
TechnologyNew Regulations require organisations to obtain an individual’s explicit consent in advance of processing personal data for health research purposes.
Technology
Some practical steps that can be taken to meet and address some of the challenges it presents
Client Tech
