With three weeks to go until the Europe-wide General Data Protection Regulation (GDPR) comes into force, two Irish companies are making sure they are compliant by using a globally-recognised standard for information security.
Dun Laoghaire-based consultancy firm RPS Group and Cork cloud solutions company vCloud.ie were presented with their certificates to the ISO 27001 standard during a special ceremony at the National Standards Authority of Ireland (NSAI) headquarters in Dublin this morning.
A key international business standard, ISO 27001 provides organisations with a robust framework to manage their information – both online and offline.
“While the GDPR is the largest overhaul of data privacy in decades, it is important that businesses do not fear it,” said Pat Breen TD, Minister of State for Trade, Employment, Business, EU Digital Single Market and Data Protection.
“Indeed, for Irish companies, being able to demonstrate compliance with the Regulation will offer competitive advantage in domestic, European and International markets,” he added.
“One of the ways they can do so is by getting certified to ISO 27001, which has been described as a Swiss Army knife for GDPR compliance – it has every tool you need,” said Minister Breen.
Ahead of the May 25th introduction, organisations across the European Union have been reviewing their systems and the way people work to ensure that client and customer data is safe and used appropriately.
“By examining their people, processes and technology using ISO 27001, companies will be well-placed to defend themselves from not only technology-based risks, but other, more common threats, such as poorly informed staff or ineffective procedures,” said Geraldine Larkin, NSAI Chief Executive.
“It’s important to note that while ISO 27001 isn’t a catch-all for GDPR compliance, it will provide an organisation with a pathway to compliance in terms of risk assessment, breach notification and asset management,” she added.
The regulation introduces measures that make it easier for individuals to find out what data an organisation holds on them. It also requires organisations to report data security breaches to information commissioners and increases fines for serious breaches to €20m or 4% of global turnover, whichever is larger.
L-R: Pat Breen TD, Minister of State for Trade, Employment, Business, EU Digital Single Market and Data Protection, Geraldine Larkin (NSAI Chief Executive), James Kennedy (NSAI Chairperson) with Gunter Bayer, CIO, vCloud.ie
RPS Group and vCloud.ie were among 25 organisations from the private, public and SME sectors today marking their achievement in becoming certified to world-class standards. All of the organisations who achieved certification were independently audited by NSAI inspectors in order to ensure they complied with the standards.
They join an elite group of over 3,000 organisations across Ireland who are currently NSAI-certified in a variety of areas such as Quality Management Systems, Environmental Management Systems, Occupational Health and Safety Management Systems, Asset Management Systems, and the Human Resource framework, Excellence Through People.
Full list of companies certified at today’s NSAI certification ceremony:
1. Aptar, Co Galway
2. Arkil Ltd, Co Kerry
3. Bailey Hygiene, Co Dublin
4. Cannon Concrete Products, Co Galway
5. Coastway Ltd, Co Carlow
6. Customer Perceptions Ltd, Co Louth
7. Dowling Quarries Ltd, Co Laois
8. Freshtoday Catering, Co Wexford
9. Health and Information Quality Authority, Co Cork
10. Heineken Ireland, Co Cork
11. Kilsaran Concrete, Co Meath
12. Louth County Council
13. Micromail, Co Cork
14. Monaghan Fire and Civil Protection
15. Mullafarry Quarry Ltd, Co Sligo
16. NZEB Products Ltd
17. Queally Group Site Naas, Co Kildare
18. Respro Ltd, Dublin 11
19. Roccul Ltd, Dublin 7
20. RPS Group, Co Cork
21. Scotshouse Quarries, Co Monaghan
22. Nenagh Municipal District, Tipperary County Council
23. vCloud.ie, Co Kildare
24. West Region Communications Centre, Co Mayo
25. WEW Engineering, Co Kilkenny
The standards awarded to companies today include:
• ISO 14001 – Environmental Management Systems
• OHSAS 18001 – Occupational Health & Safety Management Systems
• ISO 45001 – Occupational Health & Safety Management Systems
• ISO 9001 – Quality Management Systems
• ISO 50001 – Energy Management
• ISO 27001 – Information Security Systems
• I.S. EN 13242 – Aggregates for unbound and hydraulically bound materials for use in civil engineering work and road construction
• I.S. EN 12620 – Aggregates for concrete
• SWiFT 3000 – Code of Practice for Corporate Governance Assessment
• ISO 22000 – Food Safety Management Systems