In May of this year, GDPR will have been officially in effect for three years. In that time, a variety of data protection investigations, fines and data breaches have been in the headlines and data protection came to the forefront of business conversations.
However, while plenty of businesses have excelled in the data protection and privacy space, the ever-changing landscape has caused many leaders to worry about ensuring maximum protection when it comes to the data their companies hold.
Now, a new survey has highlighted the increasing uncertainty businesses feel when it comes to Ireland’s data protection landscape.
Surveying 250 organisations across Ireland, the Association of Compliance Officers Ireland (ACOI) found that 76pc of Irish businesses believe the data protection landscape is more uncertain now than it was 12 months ago.
Brexit was the most cited reason for this uncertainty, followed by the increase in remote working and the impact of the Schrems II ruling.
Michael Kavanagh, CEO of ACOI said it’s unsurprising that Brexit is the frontrunner for the growing uncertainty. “What’s arguably more insightful is that more than a quarter of respondents say the growing prevalence of remote working is causing major issues and a similar number feel that the implications of the Schrems II ruling is adding to the ambiguity,” he said.
The concerns about remote working echo another survey from last week, which suggested that 80pc of organisations believe large-scale remote working during the pandemic has created additional data protection risks.
The survey from Irish law firm McCann FitzGerald and audit, tax and advisory firm Mazars also found that only 55pc of respondents said they have implemented new procedures or policies to mitigate data protection risks.
Meanwhile, the landmark Schrems II ruling in July 2020 would have a direct impact on any organisation relying on Privacy Shield or standard contractual clauses (SCCs) for data transfers.
SCCs are designed to ensure that European citizens enjoy the same level of protection for their personal data when it is processed outside the EU. They are used by thousands of companies to transfer data outside of the EEA.
At the end of 2020, the European Commission published a draft of the new SCCs for the transfer of personal data to third countries, as well as a draft implementing decision on such transfers for public consultation which ended on 10 December 2020.
Kavanagh said businesses will be watching closely to see the final outcome of this. “SCCs are widely used by both SMEs and multinational firms to facilitate international transfers of data. Similarly, in our experience, industry views the proposed supplementary measures proposed by the European Data Protection Board as too onerous and unworkable.”
He added that for businesses concerned about data protection, it’s important to focus on the basics. “Having clear policies in place and developing a robust data protection culture throughout the whole organisation. Human error is often a key factor in data breaches, so ensuring that new and existing staff receive regular training on privacy best practice is key.”
The post Data protection landscape more uncertain than last year, survey finds appeared first on Silicon Republic.