IAF Awareness and Readiness survey 2023
We are delighted to bring you our third individual accountability framework awareness and readiness survey report in partnership with the Compliance Institute.
GDPR survey 2023
Majority of organisations want the GDPR reformed
A majority of Irish organisations (54%) believe the GDPR in is need of reform with two-thirds (66%) stating the costs of GDPR compliance are greater than those envisaged when the Regulation was commenced in 2018 and almost half (45%) saying supervisory authorities interpret the GDPR in a way that makes compliance more difficult to achieve.
Watch our GDPR: Five years on webinar for a detailed discussion on the results, and download the 2023 GDPR survey report.
The results come from this year’s edition of an annual survey on the impact of the GDPR on organisations in Ireland, jointly published today by leading law firm McCann FitzGerald LLP and Mazars, the international audit, tax, advisory and consulting firm. Five years after the introduction of the GDPR, the survey examines its impact and success since its 2018 introduction.
Pictured from left to right: Paul Lavery, Head of Technology and Innovation Group, McCann FitzGerald, Liam McKenna Partner, Data Protection and Privacy, Mazars and Amy Brick,Partner, Regulatory and Data Disputes, McCann FitzGerald.
A majority of respondents agreed that complainants should be required to attempt to resolve complaints with the organisation processing their data before initiating a complaint with the Data Protection Commission (75%) and that data subjects should be required to pay a reasonable fee for making a data subject access request (52%).
Despite this appetite for reform, there is general belief that the GDPR has operated as a largely positive force. Strong agreement that the GDPR is beneficial for individuals is up twenty percentage points to 46% since 2018 (81% agree or strongly agree), while strong agreement that GDPR compliance is beneficial for organisations’ long-term relations with stakeholders such as employees and customers is up fourteen percentage points to 34% since 2018 (75% agree or strongly agree).
The general public, who formed part of this survey for the first time, demonstrated conflicting views about data protection. 80% said they are more concerned about their online privacy now as compared to 5 years ago and 78% agreed they are likely to purchase from organisations that have a good record in how they handle customers’ data.
However roughly half of all customers (49%) are willing to forgo some level of data protection if the product or service is very appealing, pointing to an appetite by a large portion of users of certain services, such as social media apps, to forgo some level of data protection to access these services.
Respondents from the general public also point to a potential need to simplify or more clearly communicate messages on data protection and the GDPR. 65% of members of the public agreed that organisations make it difficult to understand their approach to data protection, while one-in-four (24%) said they had either never heard of the GDPR or knew very little about it.
AI adoption requires strong governance framework
The integration of artificial intelligence into daily work processes will usher in a significant shift for many businesses, accompanied by new risks and challenges that demand attention.
Ireland Data protection newsletter - Issue 16
A lot has happened in the data protection landscape since our last newsletter. In this issue, we focus on a number of those key news stories in recent months.
Contact
Liam McKenna Partner, Consulting - Dublin
Related pages
Data privacy & GDPR
Mazars supports you in achieving and maintaining data protection & privacy compliance.
Outsource Data Protection officer (DPO)
Mazars provides outsourced data protection officer (DPO) services to organisations that do not wish to directly employ a DPO
Data protection impact assessments (DPIA)
Mazars DPIA methodology has been developed using years of experience, ensuring that risks are identified and mitigated in line with business needs while keeping a focus on individuals.
Mazars | Europrivacy ™
Mazars has partnered with Europrivacy to provide companies with General Data Protection Regulation (GDPR) compliance certifications. This is the first GDPR certification to be created since the launch of the GDPR four years ago, and has been authorised by the European Data Protection Board (EDPB). This certification positions companies as front-runners in data protection with a strong competitive advantage on the market.
GDPR audit
A GDPR audit provides you with assurance of your data protection compliance efforts.
Outsourced Subject Access Requests (SAR)
Satisfying subject access requests can require a very significant amount of time and effort. Gathering the data, filtering out the irrelevant records, making decisions on what is necessary to include and redacting information appropriately can turn one SAR into a project in its own right.