Global menu

Our global pages

Close

The Data Protection Commissioner, Helen Dixon, has published her 2015 Annual Report.

  • Ireland

    21-06-2016

    We are delighted to announce that the much anticipated 2015 Annual Report has been published by the Office of the Data Protection Commissioner this morning.

    The Report can be found here:
    https://www.dataprotection.ie/docimages/documents/DPC%20AR2015_FINAL-WEB.pdf.

    The main points highlighted in the Report include:

    • 932 complaints were received, with over 60% relating to access rights and 11% to electronic direct marketing, of which 94% were “resolved amicably.”
    • There were 2,376 data breach notifications.

    The amount of complaints received by the Office of the Data Protection Commissioner, while a slight decrease on 2014, continues to highlight the fact that data subjects are becoming more and more aware of their rights in relation to data protection. In addition, not unsurprisingly data access requests are once again the focus of most of the complaints investigated by the Office of the Data Protection Commissioner.

    Some of the key themes identified in 2015 audits conducted by the Office of the Data Protection Commissioner included:

    • Lack of data-retention policy – data controllers have a responsibility to ensure that they are clear about the length of time for which data will be kept and the reason why the information is being retained.
    • Lack of signage or policy for CCTV systems – data controllers need to be able to justify the obtaining and use of personal data by means of a CCTV system. Also, notification of CCTB usage should be made by placing easily read and well-lit signs in prominent positions.
    • Excessive use of CCTV systems – CCTV should only be used for the purpose or purposes for which it is in operation.


    Among some of the incidents of data breaches listed in the Report includes:

    • The Defence Forces were found to have breached the Data Protection Acts by failing to take appropriate security measures to secure personal information, when records of an internal complaint made by a member of the Defence Forces were destroyed in a flood and a burglary at a military investigating officer’s private house.
    • When an employee of a supermarket was dismissed for “gross misconduct” after she placed a paper bag over a CCTV camera in a staff canteen, the Commissioner told the business that there was no justification for having CCTV installed in the canteen area.
    • Another incident involved an employer being deemed to have breached the Data Protection Acts by handing over details of an employee’s swipe card accesses to his workplace to his manager.

    If you would like to discuss any aspect of your data protection regime please do not hesitate to contact us. The release of the 2015 Annual Report highlights the importance for organisations for ensuring that their data protection regime is in order and in compliance with the current data protection legislation.

    Disclaimer

    This information is for guidance purposes only and should not be regarded as a substitute for taking legal advice. Please refer to the full terms and conditions on our website.

    < Go back

    Print Friendly and PDF
    Register to receive regular updates via email.