Around two-thirds (64%) of organisations believe that employers should be permitted access to the vaccine status of their employees, while a majority (56%) said that the inability to process employees’ vaccine status data had impacted on a return to the office.
The results come from this year’s edition of an annual survey on the impact of the GDPR on organisations in Ireland, jointly published today by leading law firm McCann FitzGerald LLP and Mazars, the international audit, tax, advisory and consulting firm.
The survey also found that the vast majority of organisations surveyed were either currently operating a hybrid model of working, sharing time between home and the office (62%), or are considering operating a hybrid model in the future (33%), with just one-in-twenty (5%) saying that such a move is not being considered. Nearly three-quarters (73%) have increased their cyber security to protect those working from remotely to enhance the protection of their data.
The results of this year’s survey also point towards a declining level of positivity towards the GDPR and its benefits by many organisations. For example, belief that the GDPR is beneficial for individuals has declined by 14 points year-on-year (83% to 69%); belief that compliance with the GDPR places an excessive administrative burden on organisations has grown by 16 points (53% to 69%); and belief that compliance with the GDPR will be beneficial for organisations’ relations with their employees, customers and other stakeholders in the long term has fallen by 5 points (76% to 71%).
Additionally, anxiety about liability for non-compliance with the regulation appears to be on the rise. 57% of surveyed organisation expressed concerns about fines for GDPR non-compliance, up from 46% last year. Over three-quarters 78% agreed that the risks associated with GDPR non-compliance are increasing, while almost seven-in-ten (70%) said they were now more concerned about GDPR non-compliance than they had been in May 2018, when the regulation was introduced. Furthermore, more than two-fifths (43%) said that they are concerned about civil actions from data subjects.
Pictured left to right, Liam McKenna, Partner, Mazars, Amy Brick, Senior Associate, and Paul Lavery, Partner and Head of Technology at McCann Fitzgerald.
Respondents, a majority of whom were employed in organisations of more than 250 employees in Ireland, span the financial services, public, technology, and other sectors.
Speaking on the launch, Paul Lavery, Partner and Head of Technology & Innovation at McCann FitzGerald LLP said:
“This year’s survey shows a decided shift in views towards the GDPR. In recent years, a gradual trend towards increasing comfort with the GDPR, and an appreciation of its benefits to individuals and organisation could be observed, however much of this positive outlook has slid backwards in this year’s figures. We can only speculate on the exact reasons for this cooling of sentiment, but a growing view that the application of the regulation to areas such as employee vaccine status or the international transfer of data, have not been in the interest of businesses, might be contributing to this perspective.”
Remarking on the fact that many organisations appear more anxious about the impact of non-compliance, Partner at Mazar’s Consulting Services practice, Liam McKenna said:
“Most organisations are now more concerned about GDPR non-compliance than when the regulation was introduced just under four years ago. Many businesses are observing the impact of fines for non-compliance, such as the high-profile penalty levied against WhatsApp by the Data Protection Commission last year, and understand the increasing need to ensure their own compliance. That fewer respondents say they have reported a data breach to the Data Protection Commission this year, with this number falling from 69% to 61% in the last 12 months, gives optimism that businesses are continuing to improve at managing such issues.”
We recently hosted a webinar to present the findings from our survey. Thank you to John O’Dwyer and Dale Sunderland of the Data Protection Commission Ireland and Paul Lavery, Amy Brick, and Doug McMahon from McCann FitzGerald who joined Liam McKenna, Consulting Partner at Mazars to discuss the impact of GDPR operations in Ireland. You can watch this presentation below.
Most reportable data breaches are a result of human error. By focusing on understanding online human behaviour and an organisations culture, Mazars can help you to design engaging and practical cyber policies, deliver education and implement effective work practices that reduce cyber risk.