Ireland’s Data Protection Commission has issued a guidance note on the right of access under the General Data Protection Regulation.

Key takeaways:

  • Requests to access data are the majority of complaints received.
  • If reasonably necessary to clarify the request, you may request that the requester specify the information or processing activities they want access to.

The Irish Data Protection Commission has issued guidance on data breach notification under GDPR.

Key takeaways:

A personal data breach is a security incident that negatively impacts the confidentiality, integrity, or availability of personal data, with the consequence that the controller is unable to ensure compliance with the principles for processing personal data as outlined

The Irish Data Protection Commission has issued guidance on cloud computing. Here are key takeaways for companies and cloud providers:

  • You must remain in control of the personal data you collect.
  • You must have a written agreement with the cloud provider meeting with the requirements of Article 28 of the General Data Protection Regulation.
  • Before

The Irish Data Protection Commission (DPC) does not have any power to order an organization to pay compensation to an affected data subject.

In the case of administrative fines, any funds collected from these fines go to the state exchequer. In addition to the powers the DPC has to enforce data subjects’ rights, individuals are

Ireland’s privacy regulator is weighing potential probes into how some online companies handle children’s data.

The Irish privacy office is “scoping” children’s privacy enforcement actions

“There will absolutely have to be changes and will be changes in terms of how” online companies handle children’s data… It’s a “big area of importance” for the commission –

The Irish Data Protection Commission and Polish Data Protection Authority have issued guidance on data breach notification under GDPR in which they address the following questions, and more:

  • When do you “become aware”​ of a data breach?
  • What should a data breach notification include?
  • How do you communicate a data breach notification?

The guidance offers

“We would like the chance to think about it first”​

Feedback from 1,200 Irish school children on key issues of data protection provides insight and some actionable steps for companies processing children’s information and subject to the EU GDPR (or to the US COPPA).

Read the full list of takeaways.