The General Data Protection Regulation (GDPR) is due to come into effect on 25 May 2018, replacing the existing data protection framework under the EU Data Protection Directive. The GDPR emphasises transparency, security and accountability by data controllers and processors, while at the same time standardising and strengthening the right of European citizens to data privacy.
The GDPR will enhance existing individual privacy rights considerably, and organisations should review in advance their current employment practices to ensure alignment and compliance.
The Office of the Data Protection Commissioner has produced GDPR specific guidance that organisations should familiarise themselves with, in anticipation of legislative changes next year. The DPC will continue to release briefing notes for data controllers and data processors in the run up to the implementation date, and has also launched a GDPR dedicated website.
Employers are also encouraged to have a data protection policy, which includes details on the recruitment practices, use of information and communications technology, transfer of personal data, record keeping and other key issues relevant to the organisations' obligations under data protection legislation.
Data Protection Bill 2018 - A Summary
29/03/2018 - The Data Protection Bill aims to give further effect to the General Data Protection Regulation in the limited number of areas in which Member State flexibility is permitted. Some of the provisions most pertinent to employers preparing for GDPR are considered in this article.
Use of GPS/vehicle tracking systems and data protection
25/01/2018 - The use of GPS/vehicle tracking systems involves the collection of personal data as they record the location of the individual in charge of a vehicle at any particular time. An employer using or considering using a tracking system must be able to show a good business reason for such surveillance and may need to add a privacy switch.
Data access requests under GDPR
21/09/2017 - Employers will need to be familiar with how the new General Data Protection Regulation (GDPR) will affect their normal business operations. This article deals with the changes that will be effective from 25 May next year regarding how individuals can make a data access request to their current, former or potential employer.
New Ibec guides on GDPR issues
08/05/2017 - Ibec's GDPR taskforce have produced two new guides to help employers understand and comply with the General Data Protection Regulation that will come into force on 25 May 2018.
Are you a social media savvy employer?
12/04/2017 - These days many roles are devoted to engaging with customers across various social media platforms. It is important to train staff who are required use social media for work and to have a clear policy for those who are not.
Data Protection – Recent Developments
28/01/2016 - 2015 was a busy year for data protection and there is no sign that 2016 will be any different. We review some of the most notable developments of 2015 and consider what businesses should look out for in 2016.
Data Protection Compliance Checklist
24/03/2015 - While managing personal information can be a difficult challenge for organisations, it is essential that organisations are aware of their obligations to those individuals whose personal data they hold, and have in place appropriate policies and procedures to monitor and ensure compliance with data protection legislation. Key obligations may be summarised in terms of eight fundamental principles set out in the Data Protection Acts 1988 and 2003 which must be followed.
Can an employee electronically record a disciplinary hearing?
26/02/2015 - Employers sometimes receive a request from an employee asking to make an electronic recording of a disciplinary hearing. Do they have a right to record?
Handling data access requests
12/12/2014 - The rights of employees (as data subjects) in relation to personal data held by their employer and an employer's obligations to provide information are explained in the Data Protection Acts 1988 and 2003. The Acts impose certain key responsibilities on organisations in relation to giving employees access to the data which is held about them.
Data protection guideline
07/11/2013 - This guideline sets out the current position regarding data protection legislation in Ireland under the Data Protections Acts 1988 and 2003.
The legalities of electronic employment records
30/10/2013 - A party appearing before a court or tribunal seeking to rely on the contents of a document may be called upon to adduce primary evidence of those contents i.e. the original document in question.