However, there are some important elements that any organisation which stores/transmits personal information should know.
- The Data Protection Commissioner (DPC) imposes obligations on organisations to take appropriate measures to protect the security of personal data which they store. This could include data on customers, employees, patients, etc.
- If an organisation’s files containing personal data are accessed by unauthorised persons, any potentially affected person must be notified, and a report must be filed with the DPC.
- The DPC has extensive powers over organisations deemed to have taken insufficient steps to protect personal data, to ensure any data breaches are rectified.
- Even if your organisation is a victim of personal data theft (either through an online hacking event, or theft of a physical item containing personal data, e.g. laptop), you are still liable for the data breach.
What does this mean for your business?
If you store any personal information, you should ensure that it can only be accessed by authorised staff. This starts by determining what you store, where you store it, and determining if these locations are protected against unauthorised access.
We provide technical solutions to ensure you don’t fall afoul of data protection requirements. If you have any concerns in this area, call us today at (091) 395413.