Watch out for crumbling cookies
Your business’ compliance journey is an essential component of your operations. Ignoring it could mean big penalties to be paid. The issuing of fines has begun!
The Data Protection Commission
The Data Protection Commission (DPC) upholds and ensures the protection of personal data across Ireland, and its powers similarly extend into the European Union (EU). While the DPC is tasked with ensuring GDPR compliance, it also ensures compliance with the Irish ePrivacy regulations, and the EU Directive related to Law Enforcement. GDPR and ePrivacy compliance are essential business processes, and falling foul of the regulations can now lead to fines, penalties, or other consequences for your business.
The first GDPR fine
In May 2020, the Irish DPC issued its very first GDPR fine, bringing home the reality to all of us that compliance is no longer just a concept. The reality of penalties, fines, and other potential consequences for companies has now hit the road, and the need to ensure your business has begun its compliance journey is essential. It should be noted that the Irish DPC’s first fine was issued in relation to three data breaches, related to the unauthorised disclosure of personal information.
The matter of consent
At the crux of compliance, lies the matter of consent. As we’ve outlined before, obtaining consent is not as simple as a Yes/No tickbox:
“Obtaining your customers’ and suppliers’ consent to collect, store, and use their information is an important part of your GDPR compliance procedures. But, the way you obtain that information, and how you communicate with your customers and suppliers around why you need particular sets of information, is just as important. To clear up any confusion, obtaining the consent of your customers, suppliers, and data subjects is not as simple as asking a yes/no question. Rather, obtaining explicit consent is a far more complex procedure, but one that must be followed. Explicit consent is required when your business needs to obtain special category data for its data subjects. This could include medical records or other specified types of information.”
The complexities of compliance
Ensuring your business is compliant with the GDPR regulations and the ePrivacy regulations is important, but it need not be as complex as you think. A compliance audit gives your business a starting point for your compliance journey, without inflicting too much pain. You can’t begin your compliance journey without knowing where your business stands. Your starting point enables you to optimise your business, streamline your processes, and avoid those nasty penalties.
Cookies and consent
As a communications consultant and freelance writer, Cath has helped more than 100 brands, businesses, and people, find the right words to tell their important stories. Cath points her cursor and bashes her keyboard to create useful, reliable content for people who want to learn more about blockchain technologies, finance, property, online safety & information security.