General Data Protection Regulation 2018
December 8, 2017
The General Data Protection Regulations (GDPR) are coming into force on the 25th May 2018. As a regulation, the GDPR will have a direct effect on the Irish law system, including the Data Protection Acts 1988 & 2003 and the Data Protection Directive 95/46/EC.
Purpose
The GDPR focus is on standardising the European citizen’s right to data privacy, as well as emphasising transparency, security and accountability by data controllers.
Key Changes
Fines: The GDPR is providing data protection authorities with administrative fines which can turn out to be devastating for organisations. It allows fining for non-compliance of up to €20mln or 4% of total annual global turnover (whichever is greater) for the most serious breaches.
Data Request:
The new regulation will make it easier for individuals to request copies of data relating to them.
At the moment employees are liable to pay a fee of €6.35 and wait for up to 40 days, for the copies of the data to be supplied to them.
However under the GDPR, this request is now free of charge and an employer now has only 30 days to process the request.
An employer is now also required to provide an employee with additional information such as information on how long data is being stored and the right to have inaccurate data concerning them corrected.
Data Breaches:
Mandatory reporting of data breaches has also been introduced.
At the moment only some organisations are obliged to do this. Once the GDPR comes into force, all organisations will be obliged to report any data breaches to the Data Protection Commissioner within 72 hours.
Breaches that are required to be reported are those that are likely to bring harm to an individual. In addition any concerned individual needs to be informed about the breach also.
A failure to report it could result in a fine, as well as a fine for the breach itself.
Data Protection Officers:
Some companies will be required to appoint a Data Protection Officer. Such organisations include:
- Public authorities
- Organisations whose activities involve regular and systematic monitoring of data subjects on a large scale
- Organisations who process what is known as a sensitive personal data on a large scale.
Recommendations
If your organisation is compliant under the existing law, your approach will be valid under GDPR.
The following are the main principles of Data Protection.We recommend that you make sure that your organisation is compliant with these, as this will vastly help you in the case of any inspection under GDPR:
- Advise all employees that you are collecting data about them, why you do this, who your Data Controller is and who may have access to it.
- Obtain and process information fairly
- Keep it only for one or more specified, explicit and lawful purposes
- Use and disclose it only in ways compatible with these purposes
- Keep it safe and secure
- Keep it accurate, complete and up-to-date
- Ensure that it is adequate, relevant and not excessive
- Retain it for no longer than is necessary for the purpose or purpose
- Give a copy of his/her personal data to that individual on request
- The GDPR introduces a number of significant changes that every employer must be aware of and be sure to comply with, in order to avoid significant penalties.. We recommend that Employers;
Review their existing Data Protection policies to ensure that they reflect the new changes.
- Ensure to report any breach that is likely to bring harm to an individual, as well as informing the concerned individuals.
- Consider whether their company are obliged to appoint a Data Protection Officer.
- Finally, here are a few questions to bring you one step closer to being compliant:
What data do you hold?
- Why are you holding it?
- How long will you retain it?
- Is it safe?
This update is provided by the MSS HR Support Service. For further details on the General Data Protection Regulations or on other HR services please email hr@mssirl.ie.
What Employers Need to Know
In this blog, we explore a recent WRC ruling where a school was ordered to pay €85,000 in compensation after a teacher was discriminated against during an interview. The case highlights how even seemingly harmless remarks can have serious legal consequences for employers. What Actually Happened? Employee, Emily Williams, who had been working at the school under fixed-term contract and had two years’ experience there, was on maternity leave when a permanent teaching post arose. She was neither notified nor considered, even though she was eligible. Instead, the school awarded the role to a less-experienced colleague not on leave. During a subsequent interview for a fixed-term position, the principal congratulated Williams on the birth of her baby and added: “You really should enjoy every moment at home with the baby.” Williams felt the comment was unprofessional and likely influenced the outcome against her as she had learned she was unsuccessful the very next day. Why the WRC Ruled It Was Discrimination The WRC adjudicator found that: The principal’s comment, made before scoring was complete, was inappropriate and highlighted Williams’ family status. The school could not justify why a less-experienced teacher was chosen. Their claim that it was based on prior interview scores was unsupported, with no clear process to back it up. One interviewer even adjusted a score for Williams downward without explanation, further undermining the credibility of the decision. Given these failures, the WRC concluded that Williams had established a clear case of discrimination on grounds of family status. She was awarded €85,000 in compensation, with the adjudicator stressing the importance of deterrence in cases like this. Why This Ruling Matters for Employers This case underscores three vital lessons for HR and hiring managers. First, keep personal matters out of formal interviews. Even a well-meaning comment can suggest bias or influence the panel. The interview must remain strictly professional. Second, ensure documentation and process are watertight. Reliable scoring systems, consistent policies, and clear records are essential. Without them, hiring decisions become legally and reputationally vulnerable. Finally, fairness must be more than form, it must be function. Interviews should be blind to protected statuses such as family or maternity, and all decisions must be transparent and defensible. How MSS The HR People Can Help MSS is here to help Irish businesses avoid situations like this: Designing discrimination-safe interview processes, from structuring interview panels to defining scoring metrics Training hiring panels on unconscious bias and employment equality legislation Developing clear recruitment communication policies that avoid risks around maternity or other protected characteristics Providing support and representation if a dispute arises before the WRC Let’s ensure recruitment is fair, transparent, and free of unintended prejudice. Reach out to MSS The HR People, and we’ll help you build safe, compliant hiring practices. MSS The HR People info@mssthehrpeople.ie Ph: 01 8870690
WRC Finds Dismissal Unfair When Employer Fails to Engage
Every business needs solid HR support, that support doesn’t have to be an all-or-nothing affair, a flexible, scalable HR service can assist in your companies growth.
Lets explore how Irish employers can streamline hiring processes through technology, compliant CV screening, targeted advertising, and a strong employer brand.
Many employers now have a written diversity, equity and inclusion (EDI) policy, but turning that policy into a lived workplace culture is a very different challenge.
The Pregnancy Loss (Miscellaneous Provisions) Bill 2025 has been introduced in the Seanad and proposes a significant development in statutory leave entitlements.
Every workplace encounters difficult behaviours at some point. Spotting and managing them early, from negativity to resistance, is key to a healthy environment.
A recent decision by the WRC has put a spotlight on the blurred lines between independent contractors and employees and what it means for employers in Ireland.
MSS - The HR People Achieves CPD Accreditation: What It Means for You At MSS - The HR People, we’re proud to announce that we have been officially accredited to deliver CPD (Continuing Professional Development) training. This milestone reflects our unwavering commitment to delivering high-quality, practical, and professionally relevant training to businesses across Ireland. But what exactly does CPD accreditation mean? Why is it significant? And, most importantly, how does it benefit the clients and professionals who choose MSS for their HR training? What Is CPD and Why Does It Matter? Continuing Professional Development (CPD) refers to the process of tracking and documenting the skills, knowledge, and experience gained both formally and informally as professionals work, beyond any initial training. CPD is essential in every sector but especially in fields like HR, where employment law, workplace regulations, and people management practices are constantly evolving. CPD-accredited training is independently assessed and verified to ensure that it meets industry standards for learning outcomes, relevance, structure, and delivery. Accreditation confirms that the training is not just informative, but valuable, impactful, and capable of contributing meaningfully to a participant’s professional development. In short, CPD accreditation is a mark of quality - and we’re delighted to now carry it. What CPD Accreditation Means for Us Becoming a CPD-accredited provider is a significant validation of our work. It’s more than a badge or certificate - it’s recognition from an external body that our training: Delivers clear learning outcomes Meets the expectations of professional development standards Is structured, well-presented, and aligned with current best practices Is designed with real-world application in mind For our team, this accreditation reinforces the integrity of our training content and confirms that the learning we provide is of the same high standard expected by national and international professional organisations. It also shows that we take our role as HR educators seriously. Whether we’re delivering workshops on employment law compliance, HR policies, or best-practice recruitment and onboarding, we are doing so in a way that stands up to scrutiny, offers measurable learning outcomes, and contributes to the continuous upskilling of our clients. What It Means for Our Clients and Training Participants CPD accreditation matters because it gives our clients confidence - not just in what we teach, but in how we teach it. Whether you're an SME owner trying to stay compliant, a people manager learning how to lead teams effectively, or an HR professional seeking to grow your knowledge base, attending a CPD-accredited session with MSS brings many advantages: 1. Assurance of Quality With CPD accreditation, clients know that our training is rigorously vetted. You’re not just taking our word for it - an independent body has confirmed that the training you’re investing in meets a high standard of professional learning. 2. Tangible Professional Development For individuals building their careers or maintaining professional memberships, CPD points or hours gained through our training can be recorded as part of formal CPD logs. This is especially relevant for HR professionals, business owners, and line managers who must show ongoing learning as part of their industry obligations. 3. Enhanced Employer Credibility Businesses that invest in CPD-accredited training show their teams and stakeholders that they care about learning, improvement, and staying up to date. It’s a positive reflection on company culture and helps improve employee engagement and retention. 4. Peace of Mind Around Compliance From Inclusive Leadership, Dignity at Work and Managing Difficult Behaviours, our accredited training ensures that you and your team are not only aware of your responsibilities but are applying them correctly. That means fewer risks, fewer mistakes, and a more confident leadership approach across your organisation. 5. Career Progression for Attendees Participants who undertake CPD-accredited training can use it to build their professional profile, apply for promotions, or demonstrate ongoing learning to regulatory or membership bodies. It helps turn learning into career momentum. A Mark of Trust for the Future At MSS - The HR People, we’ve always believed that training should be more than a tick-box exercise. It should inspire new ways of thinking, give people the tools to do their jobs better, and create lasting value for the businesses we support. Being CPD-accredited adds another layer of trust for our clients. It shows that we’re not just offering what’s popular or convenient - we’re offering what’s recognised, verified, and of real value. As we look ahead, CPD accreditation allows us to expand our training offering with confidence. From one-hour sessions and lunch-and-learns to multi-day workshops and tailored in-house programmes, all our CPD-accredited training will continue to be: Grounded in practical, real-world HR expertise Updated regularly to reflect changes in law and best practice Delivered in an accessible, engaging format that suits busy teams Backed by independent quality assurance Let’s Grow Together Whether you’re new to HR responsibilities or managing people across multiple departments, learning is essential. With CPD-accredited training from MSS - The HR People, you’re guaranteed a high-quality learning experience that’s both professionally recognised and immediately useful in your role. Contact us today to find out more about our CPD-accredited training programmes or visit www.mssthehrpeople.ie/hr-training for more details.
