Pictured at PwC's Breakfast Briefing on the new EU General Data Protection Regulation are (l-r): Denis Kelleher, Senior Legal Counsel, Central Bank of Ireland; Pat Moran, PwC Cyber Leader and Helen Dixon, Data Protection Commissioner for Ireland.
The event outlined that the new regulation will have significant implications for Irish businesses in terms of data privacy and protection.
PwC hosted a breakfast briefing for more than 250 senior business leaders, to discuss the implications for Irish business of the new EU General Data Protection Regulation (GDPR).
Effective from May 2018, GDPR introduces widespread changes to data privacy regulation in Ireland and across all EU countries. It is important for Irish businesses to understand the regulatory requirements, and what they need to do around data privacy and protection to become GDPR-ready.
Changes are far reaching and compliance should not be underestimated, business leaders were told. GDPR will impact all business units from marketing, to sales, to IT. Careful consideration and collaboration with all heads of functions involved will be required to ensure compliance with the new set of regulations.
Yet the new regulatory landscape could bring opportunities to Ireland for international businesses. Pat Moran, PwC Cyber Leader, said: "There are significant efficiencies for multinational companies having their key data management functions located in Ireland. If a company makes its data strategy decisions in one EU member state, it is only obliged to report to that Data Protection Commissioner. In a post-Brexit world, it will be appealing to multinationals to negotiate with one Data Protection Commissioner in the only English speaking EU member state, rather than dealing with different jurisdictions with obvious language complexities.”
Irish Data Protection Commissioner, Helen Dixon, said at the event: "GDPR will have significant consequences for businesses that process EU personal data, and trade within the EU and globally. Early planning is required and I am delighted to see a large number of companies in PwC to learn more about the impact of this new regulation, and how they can get ready for compliance."
There will be significant financial sanctions for companies that don’t comply with the new GDPR. Up to 4% of a business’s global annual turnover is at stake, if it is found to misuse or inadequately protect consumer information.
Pat Moran said: "We expect consumer litigation and class actions to quickly follow once this regulation goes live, as has happened in the US. We are already seeing niche legal firms being established to cater for the anticipated demand, which could see another Personal Protection Insurance (PPI) debacle emerging."