EU data regulation ‘an opportunity’

Companies should embrace the changes coming with the implementation of the General Data Protection Regulation (GDPR) rather than fear them, a report by insurance broker and risk management firm Marsh UK & Ireland suggests.

GDPR is designed to harmonise data privacy laws across Europe and to protect citizens’ data privacy. It not only applies to organisations within the EU but also to firms that do business inside member states.

Companies who fail to comply with the regulation can be fined up to 4% of annual global turnover, or €20 million.

The GDPR was ratified following four years of negotiation, replacing the existing data protection directive. Unlike an EU directive, which can be implemented over a certain time, the regulation is made law once it begins in May 2018, meaning penalties can be imposed from day one.

Cybersecurity experts have warned that companies must begin their preparations now for the GDPR, which has 90 different principles related to data protection. However Marsh UK & Ireland said GDPR was an opportunity for firms and should not be feared.

Cyber-risk leader at Marsh UK & Ireland, Peter Johnson said: “Rather than regarding compliance with the GDPR to be a costly and disruptive undertaking, Irish firms should see it as an opportunity. These organisations can improve how they safeguard personal information, boost their understanding of how data can add value to their business, and forge a new relationship with clients based on enhanced transparency and security that can further build trust.”

Marsh said that in preparation for what it called the most significant change to the EU’s data protection laws in over 20 years, firms need to review their procedures for managing personal data.

It recommended firms re-examine their current insurance arrangements to ensure any applicable indemnity limits will cover the costs associated with investigations and breaches under the GDPR.

Marsh Ireland regional leader Charles Barry said: “The GDPR will go a long way towards helping Irish firms repair the breakdown in trust with their clients in terms of how personal data is used, enabling proactive businesses to take greater advantage of the data-driven economy.”

Research carried out by iReach ahead of the Dublin Data Summit last week found 66% of 150 businesses surveyed across the country did not realise what they would have to do regarding the GDPR. Some 62% are either unsure how long their business stores CCTV footage or have no related privacy policy in place.


It’s not what you have that makes you happy, it’s what you do. And what better time to be proactive than during the season of goodwill, says Margaret Jennings.Joy to the world: Strategies to increase your happiness during the season of goodwill

For a magical mantelpiece makeover the natural way, foliage and garlands add showstopping sparkle to the scene, says Hannah Stephenson.Bring Christmas cheer indoors: Foliage and garlands add showstopping sparkle

More From The Irish Examiner