SMEs ‘need instruction’ from watchdog on GDPR

Pádraig Hoare

Data-protection authorities have been urged to be “instructive, rather than punitive”, towards SMEs, following the introduction of the EU’s general data-protection regulaion (GDPR) this week.

Chief executive of Isme, Neil McDonnell, said many small firms were still getting to grips with the requirements of GDPR. A survey from the Data Protection Commissioner’s (DPC) office showed a large number of firms still have gaps in their preparation.

The DPC survey, last month, showed SME awareness of GDPR was 90%, doubling the rate of last year. A similar number realised it would be implemented this Friday, May 25.

However, fewer than a third of leaders are able to name three changes in the data-protection law, compared to only 6% in 2017.

Just 44% know if their business will be required to appoint a data-protection officer within the organisation, even though two-thirds know the penalties associated with the GDPR.

Some 45% have carried out an assessment of all the personal data held in the organisation.

The GDPR was ratified in 2016, following four years of negotiation, replacing the existing directive on data protection.

Unlike an EU directive, which can be implemented over a certain time, the regulation is made law once it begins this Friday, meaning penalties can be imposed from day one.

The regulation is designed to harmonise data-privacy laws across Europe and to protect citizens’ data privacy. It not only applies to organisations within the EU, but also to firms that do business inside member states.

If companies fail to comply with the regulation, they can be fined up to 4% of annual global turnover, or €20m.

Mr McDonnell called for a bedding-in period for SMEs.

We would hope the DPC would be instructive, rather than punitive, handing out fines. We are still running seminars even at this stage on GDPR, he said

He said for most SMEs, implementing what was required for the GDPR should not be difficult, but needed to be taken seriously.

“It can be done at minimal cost, with simple measures taken. But it does need time and effort, implementing processes,” he said.

More in this Section

OECD predicts unsustainable rise in use of raw materials

People encouraged to start search for Christmas jobs early

Dr Martens stamps authority with rising profit

Jobpath finds jobs for 20,000 long-term unemployed

Breaking Stories

Here's how to taste Honey properly

National Curry Week: 7 unusual ingredients to spice up your dish

5 ways to beat FOMOMG – the fear of missing out on your life goals

Everything you need to know about presenter Maya Jama’s eclectic and 90s-inspired style

More From The Irish Examiner