Not a Member?
Join Today

  • Special content & Events
  • Access to Forums
  • Networking
  • On and Offline Support

General Data Protection Regulation (GDPR)

SFA 8 step guide to managing data access requests

If you have received a data access request and are unsure of what to do or what your obligations are since GDPR came into force, then download our 8 step guideline to managing data access requests Not a member of SFA - join today and access the guide and much more when you join SFA .. Read more


GDPR and recruitment

One of the key areas that GDPR has an impact on is the processing of personal data in relation to recruitment of employees. We have prepared this information sheet to help businesses understand their GDPR obligations in relation to the recruitment process. .. Read more


GDPR webinar and record keeping checklist

Certain pieces of employment legislation require that records containing certain types of personal data are kept for specified periods of time which is detailed in our handy record keeping checklist. These retention periods under the various pieces of employment legislation will enable you to set retention periods for holding personal data in line with GDPR. .. Read more


GDPR in action - Slide deck March 2018

On 21 March 2018, SFA Executive, Helen Quinn, delivered a seminar on GDPR in action. The slides are available here, containing the latest practical guidance for companies preparing to be compliant with the General Data Protection Regulation. .. Read more


SFA GDPR readiness guide: 'Mind your business: Prepare for GDPR'

With this publication the SFA, as a membership organisation and a service provider, is responding to the needs of the small business sector in Ireland. This publication gives practical guidance on how your business can get GDPR-ready. With the help of three case studies, we provide you with a step-by-step guide to GDPR that uses only the minimum amount of jargon, is practical, shows opportunities as well as challenges and hopefully takes the fear element out of this new legislation. .. Read more


SFA Guideline on Data Protection

The Data Protection Acts, 1988 and 2003 regulate the collection, processing, storage and disclosure of personal information that is processed either electronically or manually. The 2003 Act gave effect to the EU Directive (Directive 95/46/EC) on the Protection of Individuals with regard to the processing of personal data and on the free movement of such data. This guideline outlines the legal position regarding data protection from 1st July 2003. It summarises the provisions of the Data Protection Acts, 1988 and 2003. As the amount .. Read more


GDPR readiness toolkit for SMEs

The Data Protection Commissioner have just released a GDPR readiness toolkit for the SME sector. The Small Firms Association (SFA) worked closely with the Data Protection Commissioner to create this toolkit which will enable your business to conduct a GDPR audit. .. Read more


Data Protection Bill 2018

Download the Data Protection Bill 2018 and the explanatory notes for GDPR here .. Read more


Guides on GDPR issues

The General Data Protection Regulation (GDPR) will be directly applicable in all EU Member States, including Ireland, on 25 May 2018. Many existing regulatory concepts on data protection will be retained, but there will be significant changes under the GDPR that require consideration and advance preparation.  Data protection is a key business consideration. In this context SFA has been involved, through the GDPR taskforce to help raise awareness and understanding of the GDPR.  Two guides are now available to member companies: 1) An Overview of the General Data Protection Regulation and another 2) How Employers Should Comply with GDPR. .. Read more


The GDPR and You - Resources from the Data Protection Commission

The General Data Protection Regulation (GDPR) becomes effective from 25 May 2018. The GDPR will replace the existing Data Protection Acts (1988 and 2003 )and it places substantial new data protection responsibilities on businesses to protect the privacy of its Data subjects. The Data Protection Commission have realised a user friendly guide entitled "The GDPR and You"... .. Read more


Vetting, Background Checks and Data Protection

Increasingly employers are looking to implement background and credit checks for potential employees. This is standard hiring practice in countries such as the United States and Britain. Ireland, however, does not have regulations in place that allow most employers to carry out such checks. This presents difficulties for organisations who want access to information demonstrating that employees do not have relevant criminal convictions that may deem them unsuitable for a particular role. The only route available to employers who do not fall into a special category for Garda vetting that is fully compliant with data protection regulation is a self-disclosure form for criminal history. Additionally, there is no process by .. Read more



Close