A decision of the Personal Data Protection Commission (“PDPC”) demonstrates the importance of conveying specific business requirements clearly to external vendors and conducting preliminary testing of any supplied products before use, lest an organisation be held in breach of its data protection obligations under the Personal Data Protection Act (“the Act”). The PDPC found that […]