JUST 5 per cent of manufacturers in Northern Ireland are aware of and have taken steps to prepare for new stringent data protection regulations, which come into effect in May.
According to a new survey conducted internally by Manufacturing NI just one in 20 members are prepared for the new General Data Protection Regulations (GDPR). Europe's new framework for data protection laws, it will replace the current 1995 protection directive, which UK law is based upon.
The GDPR legislation will govern how organisations should handle and protect their personal data, and, whilst GDPR is an EU directive, it will apply to organisations outside the EU offering goods or services to EU citizens. Therefore, even Brexit will not exempt any businesses operating within Northern Ireland.
As part of the new regulations, organisations must keep records of all personal data, be able to prove that consent was given, show where the data's going, what it's being used for, and how it is being protected. Non-compliance could lead to huge fines of £18 million or 4 per cent of global turnover, whichever is the greater.
Chief executive of Manufacturing NI, Stephen Kelly said it is imperative all businesses and organisations are prepared for the forthcoming changes in regulation.
"This alarming statistic should act as a source of concern for the whole business community in Northern Ireland. We will be urging all of our members to seek training and advice on what is proving to be a huge shift in how businesses store everyday items of data like phone numbers and email addresses. In what is already a financially challenging working environment, our firms simply cannot afford to suffer fines of this magnitude.”
Barrister and GDPR expert Orlagh Kelly has been providing training for businesses across Northern Ireland ahead of the law change and urged all businesses to "urgently" seek advice.
“The clock is ticking for businesses in Northern Ireland, and, unfortunately turning a blind eye will not work from May 2018 onwards. GDPR is the widest-ranging amendment to data protection law in the UK in 20 years. As a society we all have a duty to ensure that businesses are aware and make steps to become compliant. Brexit simply will not provide an exemption, as data protection will be one area of law that will remain unaffected by the UK’s departure."
