The General Data Protection Regulations are an attempt to monitor and control the storage processing, and deletion of personal data in the EU.
Personal data is data that can identify or relates to a living person.
A data subject is the person to whom the personal data relates.
With the advent of new technologies, data is beginning to be compiled and processed in ways that have never before been possible. Modern commercial reality is that large amounts of personal data is capable of being monetised for targeted advertising and other exploitation.
Data breaches of large stores of personal data such as names and addresses can facilitate crimes such as credit card fraud, imposter crimes.
Biometric data such as DNA, medical histories, physical appearance and characteristics and other sensitive data is also now being stored for such documents as passports and by various private companies who operate apps that may harvest and store this data.
By way of a regulatory balance Europe has introduced comprehensive legislation to protect personal data called the General Data Protection Regulations which set down a comprehensive framework for the collection, processing, storing and ultimately deletion of data. In short personal data should not be held for longer than its use is required and after that must be securely deleted and destroyed.
The Regulations identify special categories of sensitive personal data which cannot be processed unless the data subject has given their explicit consent.
In Ireland the Data Protection Commission is responsible for enforcing the application of the regulations and has a wide range of powers such as carrying out investigations, issuing warnings, banning processing and commencing legal proceedings. The Regulations also provide for large possible fines for breaches.
If you have a data concern or which to protect your business by putting robust data procedures and policies in place we can assist you.
Tully Rinckey Solicitors advise on all aspects of compliance regarding data protection obligations, including cyber security. Additionally, our Solicitors advise on access requests, data protection notices and policies and international data transfers for clients. Firm Solicitors also advise on regulatory developments as well as EU General Data Protection Regulation.