25pc of Irish firms may not be GDPR-compliant

25pc of Irish businesses may not be GDPR-compliant, which may create major legal headaches and trust problems in the year ahead.

Almost a quarter of IT decision-makers in Irish businesses fear that their organisation is not compliant with the General Data Protection Regulation (GDPR) regulations that became law last year.

In an independent survey commissioned by data centre player Equinix amongst 103 IT decision-makers in Ireland, the resulting need for a focus on data regulations was highlighted.

“The fact that a quarter of Irish enterprises might be exposing themselves – and their customers – to data infringements is very worrying”

The research showed that more than three-quarters (76pc) of IT decision-makers say that complying with data protection regulations is a top priority for their business’s technology strategy, while 44pc reported changing regulatory requirements around data privacy are a threat to their company.

The data ties that bind

Man in blue suit standing in the middle of servers.

Maurice Mortell, managing director for Ireland, Equinix

To bolster its own GDPR compliance and to help customers navigate GDPR, Equinix has just completed the rigorous process of Binding Corporate Rules (BCRs) approval by European Union (EU) regulators. In doing so, it becomes the first company to have its BCRs approved by the European Data Protection Board (EDPB) consisting of all 27 Member States set up under the new GDPR regime.

BCRs are designed to allow multinational companies to transfer personal data from the European Economic Area (EEA) to their affiliates located outside of the EEA, while adhering to the highest standards, as demanded by EU regulators.

The process to get the BCRs approved with the Information Commissioner’s Office in the UK (ICO) as the lead data protection authority was conducted against the backdrop of uncertainty around Brexit and complicating factors as to what a possible no deal exit from the EU may mean for the standing of the ICO and the current BCRs application.

“Given the importance of regulatory compliance in today’s business environment, gaining BCRs approval is a significant achievement for Equinix,” explained Maurice Mortell, managing director for Ireland at Equinix.

“It gives our business partners the confidence that the personal data we obtain will be protected to the highest standards as set by the European Union. We are the first company to have our BCRs approved in the post-GDPR era, and we want to be a leader in compliance.

“As global and Irish business communities strive to become more compliant, they are choosing interconnection – or private connectivity – to mitigate many of the risks associated with being a digital enterprise today.

“The fact that a quarter of Irish enterprises might be exposing themselves – and their customers – to data infringements is very worrying. It highlights the need for businesses here to seize responsibility and ensure they are taking all of the necessary steps to be truly compliant,” Mortell said.

Written by John Kennedy (john.kennedy3@boi.com)

Published: 19 December, 2019