10 practical steps to data protection
Getting it right
Privacy and data protection concerns present a growing challenge. Over the past 12 months there have been more high profile data protections incidents in Ireland and across Europe. These have related to both paper and electronic data breaches.
Concerns and losses of personal information and sensitive data can lead to regulatory fines and significant risk to an organisation’s reputation. By implementing good practices and conforming to the associated requirements organisations can prevent unforeseen interruptions to their operations. The privacy and data protection balancing act is complicated by a host of factors.
There is the large amount of data held by organisations, the number of people who need to access this as part of their job and the number of forms, reports, systems and databases where data is held. Also with globalisation, organisations operate in countries outside their own jurisdiction. Transferring data across jurisdictions requires understanding of international requirements in addition to significant controls and management of data in transit.
There are few organisations which do not hold personal data, for example, HR files alone constitute personal data. Even if you are exempt from registration requirements, you must comply with data protection legislation. Primarily the business driver must be about protecting data and protecting your business.