Most Irish businesses feel they have correctly interpreted their obligations under new data protection regulations but compliance has been a challenge, according to a new report.
The GDPR awareness report, published by Mazars and McCann FitzGerald, said 84 per cent of businesses were confident they were meeting the requirements of the General Data Protection Regulations, which came into force on May 25th this year, with 88 per cent believing they had interpreted the regulations correctly.
More than 80 per cent said the new rules had been beneficial for individuals, and that they are exercising their rights under the new laws, with 56 per cent of businesses reporting an increase in data subject requests since May.
However, 68 per cent said putting the structures in place to become GDPR compliant was a challenge.
‘Information governance’
"Nobody said the road to GDPR compliance would be easy but most organisations have found it to be a worthwhile, albeit, at times painful, exercise in terms of information governance, something they may not have done otherwise," said Paul Lavery, partner and head of technology and innovation at McCann FitzGerald. "Overall, organisations are cautiously optimistic. This optimism is likely to be tested in the coming months as enforcement actions and data subject activism start to kick in."
More than two-thirds of respondents have appointed a data protection officer, with 52 per cent looking in-house.
“We see that although there is still work to be done, the majority of businesses are adapting to the new legislation,” said Liam McKenna, partner at Mazars. “It is clear that embedding compliance into business as usual functions, in order to demonstrate accountability, is proving challenging.”
The cost of implementing GDPR compliance was also a challenge for businesses, with 61 per cent says it cost more than expected. More than half of businesses said it cost between €50,000 and €250,000.