Small companies also on radar of data protection office, barrister says
Companies and government agencies need to be aware they face data protection investigations and private legal actions if they are the victims of hacking, a barrister has warned.
Small businesses and sole traders are even on the radar of the Information Commissioner’s Office (ICO), said Orlagh Kelly, the founder of Briefing.pro.
Briefed.pro has announced a £750,000 investment in 16 new jobs and a training programme, supported by economic development agency Invest NI, which is providing £158,998. Remote-working jobs will be created for barristers and in sales, marketing, operations and IT.
Briefed.pro advises businesses and provides training to legal chambers on the General Data Protection Regulations (GDPR) and other privacy issues.
Ms Kelly issued the warning on the third anniversary of the introduction of the GDPR.
It also follows the recent data hack on the Health Service Executive in Dublin, which could face legal actions from citizens whose private information is in the hands of a criminal gang from eastern Europe.
Ms Kelly, who set up the business as the GDPR legislation was being introduced, said the need for compliance advice and guidance has grown as more and more companies realise they could face enforcement action, hefty fines and the possibility of being sued.
“The need has grown so quickly we have developed products for the health sector, retail, sales and marketing and construction. Our recruitment drive is for professionals who will understand the needs of our clients, but we will always be led by qualified barristers who will ensure we are continually ahead of the legislation,” the barrister said.
She added: “ The ICO has recently been sending out letters to businesses and sole trader professionals requiring them to register. The cost is £40 for most businesses and understandably many people think it is another scam. It is not and this letter has to be taken seriously.
“The ICO can investigate your business and impose a harsh fine for a serious data breach, and in our experience the public are now becoming very aware of their rights when it comes to protecting their private information.”
The most notable recent legal actions around cyber security breaches are against British Airways and Facebook, while Ticketmaster UK were fined £1.2m in 2020 for not managing client information safely, Ms Kelly added.
“Human error on the part of SMEs and individual professionals has never been more scrutinised, particularly as more of us are working from home with access to sensitive data. The answer is to get your processes in order, get the right training and have your certification. This is the first step to successfully mitigating any ICO investigation,” she advised.
George McKinney, director of technology and services at Invest NI, described Briefing,pro as “an innovative locally-grown firm...investing heavily in growing its customer base and ultimatel y driving sales growth”.
On Friday, following the HSE breach, Ireland’s Health Minister Stephen Donnelly suggested lawyers were “licking their lips” at the prospect of suing the State, remark s branded a “slur on the profession as a whole” by one privacy specialist.