Two thirds of firms 'concerned' about GDPR breach says survey
MORE than two thirds (69 per cent) of companies surveyed by the NI Chamber of Commerce and corporate law firm A&L Goodbody say they are ‘concerned' or ‘very concerned' about a potential breach of the new General Data Protection Regulations (GDPR).
And despite the tougher legislation set to go live in exactly a month's time (May 25), just 22 per cent of the 270 businesses surveyed say they feel sufficiently prepared.
“It comes as no surprise that local companies are feeling concerned about a potential GDPR breach – especially given some of the alarming press coverage in recent months about the new penalty regime for failure to comply,” A&L Goodbody partner Mark Thompson said.
But he reassured companies that there is still time to prepare to ensure they are GDPR-compliant.
“There are complexities to the legislation and there are key commercial decisions to be taken by businesses – but there are essentially two basic principles to the regime: increased transparency and increased accountability.
"And if you buy into transparency, there is little to fear in the latter."
He added: “In order to be compliant, companies must understand what data they collect and hold, why they hold it, where it is stored, how they use it and who it is shared with.
"They must then take the necessary steps to amend their internal policies, IT and operational processes and governance accordingly – something on which a legal adviser or GDPR specialist can advise.”
Six per cent of the companies survey fear they will have to ‘completely transform' their marketing processes to ensure compliance.
“Ensuring compliant marketing processes will be one of the biggest challenges under the GDPR," Mr Thompson added.
“Companies must review their existing methodologies and databases to understand the legal basis upon which they are currently relying for marketing – such as an individual's consent or a legitimate business interest.
“Firms must also check that they have kept a record of who has previously unsubscribed from receiving marketing communications and ensure not to contact these individuals again.”
Ann McGregor, chief executive of the NI Chamber, said: “The message is clear – act now before it's too late. Members must review their processes to determine what changes they need to make to be compliant. We will continue to support companies as they prepare for and adapt to GDPR in the coming months.”