The SFA held its first GDPR discussion group on 21 June where a number of small businesses met to hear an update from our recent meeting with the Data Protection Commission (DPC) and to discuss a number of GDPR issues.
At the meeting we covered a number of topics such as:
- Managing contacts
- Retention periods in general and for employee files
- Marketing and customer lists
- Data breach notifications in the case of multiple EU jurisdictions
- Data processing contracts
- The registration process for the DPC
- When a Data Protection Officer is required
- Cookie policies
It was a lively discussion with some fantastic contributions from the group. If you would like to be a part of the GDPR discussion group, please e-mail Helen at email@example.com as we will host these one-hour meetings four times a year.
At the meeting we gave an update from our recent meeting with Dale Sunderland, Assistant Data Protection Commissioner and other team members of the DPC. They are keen to assist small businesses as they understand the challenges that GDPR poses for this sector. They would welcome your input in terms of any guidelines that you would like to see posted on their website at www.dataprotection.ie or on www.gdprandyou.ie
They currently have guidelines for implementing technical and organisational measures to prevent a breach, Data Protection Officers, data controller to data processers contracts, using cloud-based solutions and so forth which you can download at www.gdprandyou.ie
If you have any suggestions please let Helen know at firstname.lastname@example.org. In addition, they would welcome your feedback on the challenges and benefits that you have experienced whilst implementing GDPR and how it is working for you currently. You can feed those comments into Helen by 13 July and we will send your anonymous comments to them.
We have just launched an online GDPR training programme for employees. It is about 30 minutes long and covers the basics of GDPR including what is a data breach, managing data access requests, consent, the principles of GDPR, etc. It has interactive questionnaire session and users receive a certificate of completion at the end. The cost is €70 per licence (per person). You can find out more or book online here.
If you would like more information on GDPR or to discuss your requirements further, please contact Helen at SFA on 01 6051668 or at email@example.com or visit our GDPR section on www.sfa.ie/advice