The General Data Protection Regulations (GDPR) are coming into force on the 25th May 2018. As a regulation, the GDPR will have a direct effect on the Irish law system, including the Data Protection Acts 1988 & 2003 and the Data Protection Directive 95/46/EC.
The GDPR focus is on standardising the European citizen’s right to data privacy, as well as emphasising transparency, security and accountability by data controllers.
Fines: The GDPR is providing data protection authorities with administrative fines which can turn out to be devastating for organisations. It allows fining for non-compliance of up to €20mln or 4% of total annual global turnover (whichever is greater) for the most serious breaches.
The new regulation will make it easier for individuals to request copies of data relating to them.
At the moment employees are liable to pay a fee of €6.35 and wait for up to 40 days, for the copies of the data to be supplied to them.
However under the GDPR, this request is now free of charge and an employer now has only 30 days to process the request.
An employer is now also required to provide an employee with additional information such as information on how long data is being stored and the right to have inaccurate data concerning them corrected.
Mandatory reporting of data breaches has also been introduced.
At the moment only some organisations are obliged to do this. Once the GDPR comes into force, all organisations will be obliged to report any data breaches to the Data Protection Commissioner within 72 hours.
Breaches that are required to be reported are those that are likely to bring harm to an individual. In addition any concerned individual needs to be informed about the breach also.
A failure to report it could result in a fine, as well as a fine for the breach itself.
Some companies will be required to appoint a Data Protection Officer. Such organisations include:
If your organisation is compliant under the existing law, your approach will be valid under GDPR.
The following are the main principles of Data Protection.We recommend that you make sure that your organisation is compliant with these, as this will vastly help you in the case of any inspection under GDPR:
The GDPR introduces a number of significant changes that every employer must be aware of and be sure to comply with, in order to avoid significant penalties.. We recommend that Employers;
Finally, here are a few questions to bring you one step closer to being compliant:
This update is provided by the MSS HR Support Service. For further details on the General Data Protection Regulations or on other HR services please email hr@mssirl.ie.
The Mediation Bill 2017 has been passed, following its passage through the Dáil and is set to be enacted upon the signature of the President.
The Mediation Bill 2017 is set to promote viable, efficient alternative options to disputes, with the intention to ‘speed up the resolution of disputes, reduce legal costs and to relieve the stress associated with court proceedings.’
The proposed Bill will;
President of the Mediation Institute of Ireland (MII) speaking on the Bill, stated that “The Bill will make mediation more available and deliver better resolutions, at a lower cost, to those who are involved in disputes”. She also said that “Enactment of the Bill has the potential to divert many civil and commercial disputes from our courts and deliver major savings to individuals and the public purse.”
A complete copy of the Mediation Bill is available here;
MSS have a team of excellent Mediators, experienced at helping to resolve differences through non-confrontational means.
For further details on the Mediation Bill or on other HR services please email hr@mssirl.ie.
In a recent case, a book-keeper was awarded €12,000 from her former employer, a small retail company, for age discrimination, having forced her to retire at 66, despite there being no issues with her competence. Having worked for the Company for 12 years, the employee was forced by the company to retire at 66.
The Employee expressed a desire to remain in employment with the company and in response to this she was offered a fixed-term contract immediately following her retirement, an offer which she refused.
There was never a contract of employment/statement of terms issued to or signed by the employee, therefore it could not be argued that she had consented to the mandatory retirement age. Apparently the Company had previously tried to introduce them but the employer failed to do so when met with resistance from the employees.
The company’s contention was that the retirement age was necessary for the management of its business and also argued that there was an implied term and an oral contract with the employee that she would retire at 65 and that the setup of the Pension scheme in 2004 “clearly foresaw” a retirement age at 65.
On hearing the case, the Adjudication officer was satisfied that the claimant had established a Prima Facie case of Age Discrimination and the employer had failed to provide any objective justification for enforcing a retirement age.
The Adjudicator found that the employer’s explanation for justifying a retirement age was a “somewhat vague, anachronistic and unlawful view that it had the right to terminate employment at sixty five because it was traditional to do so. It (the company) seems have held this view honestly, in that it held the complainant in high regard as an employee and there was no element of any reflection on her conduct or competence.”
This case serves as an important reminder that employer’s must be able to demonstrate that they can objectively justify that the use of a retirement age achieves a legitimate aim for the Company or they face the threat of being found guilty of Age Discrimination. It also highlights that whilst having a retirement age in a contract or a Pension scheme does not automatically serve as a defence for Employers.
For further details on the Retirement Age or on other HR services please email hr@mssirl.ie.
