Is GDPR a bit OTT?

circadian · 18-04-2019 4:57pm

Richard Hillman wrote: »

GDPR and that nonsense where you have to click to accept cookies on every single website. The EU wielding its nonsense.

Just because you don't understand it doesn't mean it's ****.

18-04-2019 5:15pm

dudara wrote: »

GDPR is about the protection (during collection, storage, processing and disposal) of personal data.

It’s fundamentally a good thing, but too many organisations have either (a) misinterpreted it when implementing it or (b) are using it to cover their asses.

I don't think it is a case of mis interpreting it, it is more a case of the legislation is new and as yet, fairly untested, so it is still open to being interpreted in different ways.

I work for a large multinational that has to send on customer name, address, email and phone numbers to sub contractors in order to provide services and it is giving us absolute nightmares. We are exactly the kind of company the EU would love to go after to demonstrate that the legislation has teeth so the fear of facing a €20m fine for ****ing up has meant that we have a large number of people running around making sure everything is in order...and then some.

Cee-Jay-Cee · 18-04-2019 5:46pm

The HSE is such a clusterfück that it’s only makes sense that they would use GDPR in the incorrect manner.

It’s also an excuse for them to loose stuff that they don’t want to disclose. Emails are easy to search through and track but a piece of paper can easily go missing when it suits.

McMurphy · 18-04-2019 6:34pm

Serious question here, but how does GDRP stand up to wing nuts putting pics of my kids up on Facebook, despite repeatedly being asked not to?

EmmetSpiceland · 18-04-2019 6:40pm

Johnny Dogs wrote: »

Serious question here, but how does GDRP stand up to wing nuts putting pics of my kids up on Facebook, despite repeatedly being asked not to?

No, apparently that falls under a “household exemption” but if you’ve asked them not to there might be a way of getting Facebook to take them down.

Mrs OBumble · 18-04-2019 6:51pm

McGaggs wrote: »

The legislation gets to decide what is sensitive data, not some oddball family member.

Sure, the judiciary gets to decide.

But for smaller organisations, even having to defend a vexatious, unjustified claim could be enough to put them out of business.

Big ones like the HSE have insurance and in house lawyers, but they do need to show they've implemented data management policies. And half- understood training related to this causes problems like the OPs

NewbridgeIR · 18-04-2019 7:05pm

Some companies simply don’t understand it.
I telephoned an insurance company with a routine query regarding the renewal date of my policy, passed all the security checks and they then refused to answer citing “we can’t under GDPR”.

AndrewJRenko · 19-04-2019 10:12am

TheChizler wrote: »

My GF used to do some admin work for a HSE office pre GDPR days, she wasn't allowed to email any personal data, fair enough, but there was zero issue with faxing it. It would be so easy for you to put in the wrong fax number or for the wrong person to pick it up from the machine. Bizarre.

In fairness, the chances of finding another fax machine with a misplaced digit are slim, and decreasing all the time.

But your point stands - there as a false assumption that faxes are safe and emails are unsafe. This is gradually changing as more applications eliminate the need for emails or faxes, by allowing GPs to do referrals through the application, for example.

19-04-2019 10:59am

I cant speak about it under GDPR

Dravokivich · 19-04-2019 12:11pm

Mrs OBumble wrote: »

Not really true.

Sending by email is inherently insecure. Unless you have encryption in place, it's like writing the data on a postcard and sending it thru the mail.

Pre GDPR lots of organisations took the risk and emailed things anyway. But now there are big penalties if just one privacy freak justifiably complains about how their data is managed, so the organisations are saying "no, the risk is now too large".

So we all have to put up with the scenarios you describe.

Some are being too zealous - but for example in the agency vs HSE rota example there is the data of both the patient and the employees involved. Some privacy-freak families would even see the fact that someone in the family is getting home help as sensitive data.

Quite a bit go be said a bit your first paragraph there. I do some work with a public body as my customer and it took them a while to understand why I wouldn't send some data via email... when they reviewed internally they got an sftp setup. This isn't something thatd be possible for the public however.

But regarding your last statements. The individual doesn't decide what is, or isn't private data, nor is that what GDPR is for. My understand is GDPR is about retention of data, based on needs, and how it relates to individuals.

silverharp · 19-04-2019 12:18pm

i heard an advert on the radio by some ambulance chasing cnts trying to drum up compo claims for GDPR.

- bo - · 19-04-2019 12:49pm

GDPR OTT? IDK TBH.

WoollyRedHat · 19-04-2019 12:58pm

jimgoose wrote: »

The problem isn't GDPR, GDPR is a positive and useful thing. The problem is the HSE, and the lengths they will go to in trying to prevent people from being able to prove what malevolently incompetent, lying fuckers they are.

That should be on their epitaph, if we're ever lucky enough to see that day. I hope so, there's a good argument that when the organisation finally does get disbanded that it should be made into a public holiday.

Anteayer · 19-04-2019 1:26pm

I can assure you disbanding the HSE wouldn't solve anything. Before it came into existence there were countless mini HSEs all of which were a nightmare and the minister for health spent their time trying to herd a flock of deeply uncooperative cats and being made take political responsibly for them.

We need absolute root and branch health reform here and to tackle all sorts of vested interests, many of whom but end up working on narrow sectoral interests, often very much in a positive way but if were all pulling different directions nothing works.

The problem is we never had an NHS style major radical reform. We just kept old systems going and expanded the public funding without any kind of management or structural reform and it's now at the stage where it's almost unreformable because it's so long established.

Floppybits · 19-04-2019 1:55pm

Anteayer wrote: »

I can assure you disbanding the HSE wouldn't solve anything. Before it came into existence there were countless mini HSEs all of which were a nightmare and the minister for health spent their time trying to herd a flock of deeply uncooperative cats and being made take political responsibly for them.

We need absolute root and branch health reform here and to tackle all sorts of vested interests, many of whom but end up working on narrow sectoral interests, often very much in a positive way but if were all pulling different directions nothing works.

The problem is we never had an NHS style major radical reform. We just kept old systems going and expanded the public funding without any kind of management or structural reform and it's now at the stage where it's almost unreformable because it's so long established.

The chance was there to reform the Health service when the HSE was being set up but FF in their infinite wisdom decided that when combining the health boards into one their would be no job losses. A decision we are paying for today.

Seth Brundle · 19-04-2019 2:03pm

Like most public restructuring by politicians there can be absolutely no offending of the unions

AndrewJRenko · 19-04-2019 3:09pm

WoollyRedHat wrote: »

That should be on their epitaph, if we're ever lucky enough to see that day. I hope so, there's a good argument that when the organisation finally does get disbanded that it should be made into a public holiday.

To be replaced with?

erica74 · 20-04-2019 8:11am

This isn't unique to the HSE, the majority of GPs seem to have thrown out their fax machines due to their interpretation of GDPR and faxes being "unsecured". Everyone needs to have common sense. I would also like to point out that members of the public are also pushing it too far - for example, members of the public visiting hospitals and making complaints to the data protection commissioner about names being called out loud in waiting areas, patient names being visible on charts being carried around by members of staff while they go about their duties.

Gimme A Pound · 20-04-2019 12:51pm

I'm no fan of how the HSE is (not) run but GDPR is a pain in the hole at times when you're having to deal with members of the public. It is completely OTT. Obviously nobody objects to personal data being protected (well, when it suits for some, mind - plenty of "but he's my husband, I should be able to talk about his account") but there are so many unnecessary strands to it and zero common sense. I'm not anti EU but it is the kind of bureaucracy that gives them a bad name.

Companies are so terrified of breaching it that they're being extra cautious, resulting in customers not getting the service they require. It's not fair on either.

AudreyHepburn · 20-04-2019 3:30pm

The concept of GDPR is good and necessary. The problem is the way it’s been implemented. It’s untested so non-one what constitutes a serious breach and no-one wants to be first company fined so there’s no leeway given. It also doesn’t allow for human error and seems to assume that any breach is done as a result of serious negligence or done with malicious intent.

And the customer then falls into the same way of thinking so that a simple spelling error that could be rectified in seconds spirals into a formal complaint when it really doesn’t need to.

WoollyRedHat · 20-04-2019 6:09pm

AndrewJRenko wrote: »

To be replaced with?

Monorail.

caff · 20-04-2019 6:14pm

It's the same thing any Irish government has ever done. They see something from the EU that is vague enough or not understood and use it as an excuse to do what they want. They blamed the EU for shutting the sugar beet plants down and only decades later we learned it was the government blatantly lying using EU as an excuse. They are using gdpr as an excuse to refuse FOI requests now

AndrewJRenko · 21-04-2019 2:08pm

caff wrote: »

They are using gdpr as an excuse to refuse FOI requests now

Do you have any examples of this please?

Is GDPR a bit OTT?

Comments