'Most Innovative Startup 2020' by RSA - Watch the video

Learn More

The Irish Data Protection Act

Operationalize Irish DPA compliance with the most comprehensive PrivacyOps platform

Download the book today!

PrivacyOps - Automation & Orchestration for Privacy Compliance
Download Book
Available in PDF

The Irish Data Protection Act, 2018 (Irish DPA) implements the General Data Protection Regulation (GDPR) and transposes the European Union Law Enforcement Directive in Ireland. Since it incorporates most of the provisions from the GDPR and the Law Enforcement Directive with limited additions and deletions as per the national law, it is considered to be the principal data protection legislation in Ireland.

The solution

Securiti enables organizations to comply with the Irish DPA through AI-driven PI data discovery, DSR automation, documented accountability, enhanced visibility into data processing activities, and AI-driven process automation.

securiti dashboard

Securiti supports enterprises in their journey toward compliance with the Irish DPA through automation, enhanced data visibility, and identity linking.

See how our comprehensive PrivacyOps platform helps you comply with various sections of the Irish DPA.


 

Customize a data subject rights request portal for seamless customer care

DPA Sections: 89, 90, 91, 92

Create customized web forms according to your brand image with the DSR request format and accept verified data subject rights requests. Automate the initiation of fulfillment workflows when verified requests are received.

Automate data subject access request handling

DPA Sections: 91, 93

The automation of the delivery and generation of secure data access reports will greatly reduce the risk of compliance violations and reduce the workforce required to comply with all the access requests.

Secure fulfillment of data access

DPA Sections: 91, 93

The information is disclosed through a secured and centralized point to data subjects within a limited timeframe.

Automate the processing of rectification requests

DPA Sections: 92(1), 92(2), 92(13)

Fulfill data rectification requests using automated data subject verification workflows across all appearances of a data subject’s personal data.

Automate object and restriction of processing requests

DPA Sections: 92(9), 92(13), 92(14), 92(15)

Build a framework for objection and restriction of processing handling based on business requirements, with the help of collaborative workflows.

Automate erasure requests

DPA Sections: 92(3), 92(4), 92(13)

Fulfill data subjects’ erasure requests, swiftly, through automated and flexible workflows.

Continuous monitoring and tracking

DPA Section: 81

Keep track of risks against non-compliance to data subjects’ rights by continuously monitoring and scanning data.

Automate People Data Graph

Discover personal data stored across all your internal and external systems within the organization and link them back to a unique data subject. Also, visualize personal data sprawl and identify compliance risks.

Meet cookie compliance

DPA Sections: 71(2), 36 and Irish DPC Guidance Note on Cookies and Other Tracking Technologies/span>

Automatically scan the web properties within your organization and create cookie categories as per cookie properties and retention periods. Build customizable cookie consent banners as per the applicable jurisdictional cookie consent requirements.

Monitor and track consent

DPA Sections: 71(2), 36

Track and honor consent and consent revocation as well as any changes to data subject’s preferences concerning the use of their personal data to prevent the transfer or processing of data without their consent.

Assess DPA readiness

DPA Section: 71(10), 72(1)

Measure your organization’s posture against Irish DPA’s requirements with the help of our multi-regulation, collaborative, readiness, and data protection impact assessment system. It allows you to identify gaps in compliance and address the risks. Seamlessly expand assessment capabilities across your vendor ecosystem to maintain compliance against Irish DPA requirements.

Map data flows

DPA Section: 81

Track data flows in your organizations by having a centralized catalogue of internal data process flows as well as flows for data transfer to service providers and other third parties. Maintaining updated records of data processing activities enables you to demonstrate compliance with the applicable legal requirements.

Manage vendor risk

DPA Sections: 72(2), 77, 80

Track, manage and monitor privacy and security readiness for all your service providers from a single interface. Collaborate instantly with vendors, automate data requests, and manage all vendor contracts and compliance documents.

Key Rights Under Irish DPA

Access

Data subjects have the right to access their personal data held by an organization.

Correction

Data subjects have the right to request the rectification of their incomplete and/or inaccurate personal data held by an organization.

Erasure

Data subjects have the right to request the erasure of their personal data.

Restriction of Processing

Data subjects have the right to request the restriction of processing when the accuracy of data is contested by the data subject and when processing is unlawful.

Data Portability

Data subjects have the right to receive their personal data in a structured and commonly used format and transfer it easily from one system to another.

Object

Data subjects have the right to object to their personal data being processed for direct marketing purposes.

Consent

The processing of personal data shall be lawful where, and to the extent that the data subject has, given his or her consent to the processing for one or more specified purposes.

Facts related to Irish DPA

1
The Irish Data Protection Act 2018 entered into force on the 25th May 2018. It implements the GDPR in Ireland.
2
The Irish e-Privacy Regulations complement the GDPR and the European Union’s e-Privacy Directive in connection to the use of cookies and other tracking technologies.
3
In April 2020, the Irish Data Protection Commission released updated guidance on cookies and other tracking technologies, according to which organizations must obtain prior user’s consent before the processing of cookies, development kits, pixel trackers, or any other form of tracking technology. Organizations must reaffirm a user’s consent after every six months.