Your Trusted Advisers
There was some concern that after the 31st of December 2020, Irish and EU businesses would no longer be able to freely transfer personal data in the same manner as previously. While businesses were right to have this risk on their radar, the eleventh hour Trade and Cooperation Agreement did make provision for the continued smooth flow of personal data. This means that we do not have to regard the United Kingdom as a third country for the purposes of GDPR. We may effectively continue as before.
Ordinarily at this time of year, I advocate a total switch off from all things work. However, the one thing that does not take a break over the Christmas period is the obligation to report a data breach to the Data Protection Commissioner. All data breaches must be notified within 72 hours.
A Data Protection Agreement is necessary when an organisation allows any third party to access or process personal data. This includes storage of files in the cloud, the use of work management systems, marketing or bulk-email software, as well as any situation where you allow access to an individual’s personal data by anyone outside of your organisation. If you are sharing personal data, it is your obligation to ensure that there is a DPA in place.
Under GDPR, children benefit from all the same protections as adults in respect of their personal data. However, organisations must take particular care in respect of processing the personal data of children, a child being a person under the age of eighteen years.
law@fitzsimonsredmond.ie
© 2023 Fitzsimons Redmond LLP
Theme by Anders Noren — Up ↑
