Daragh @ Castlebridge
@castlebridge-chief.bsky.social
CEO at Castlebridge (https://castlebridge.ie). Also on Mastodon (https://mastodon.ie/@CastlebridgeChief) Talks about data from the business perspective. Doing a doctorate in #DataGovernance because life just wasn’t busy enough. Also: Aikido keeps me sane.
Not dark mode. Their brand identity was a brown with orange text that they overlayed on the brown. This was done in various formats in various things I had to look at in the audit.
November 24, 2025 at 11:39 AM
Not dark mode. Their brand identity was a brown with orange text that they overlayed on the brown. This was done in various formats in various things I had to look at in the audit.
In nearly 30 years I have only ever seen the estimated challenged once at a conference. And that was an assertion it was *too low*.
But ROPAs and other things in #DataProtection are a good forcing function to make people look at the issue. But focus on “tick box compliance” means value missed.
But ROPAs and other things in #DataProtection are a good forcing function to make people look at the issue. But focus on “tick box compliance” means value missed.
November 24, 2025 at 10:58 AM
In nearly 30 years I have only ever seen the estimated challenged once at a conference. And that was an assertion it was *too low*.
But ROPAs and other things in #DataProtection are a good forcing function to make people look at the issue. But focus on “tick box compliance” means value missed.
But ROPAs and other things in #DataProtection are a good forcing function to make people look at the issue. But focus on “tick box compliance” means value missed.
This a range drawn from various studies I’ve seen over the years that maps in things like the cost of searching for and finding wrong data/documents, cost of data quality issues and data correction etc. The issue is that this is often see as “cost of doing business” until data processes looked at.
November 24, 2025 at 10:30 AM
This a range drawn from various studies I’ve seen over the years that maps in things like the cost of searching for and finding wrong data/documents, cost of data quality issues and data correction etc. The issue is that this is often see as “cost of doing business” until data processes looked at.
I’ve been through the EU Commission’s Omnibus proposals and can’t find any analysis of the value of optimisation/reduction of waste by baking in accountability and documenting how things work in an organisation.
(It can be between 10-35% of turnover)
(It can be between 10-35% of turnover)
November 24, 2025 at 9:21 AM
I’ve been through the EU Commission’s Omnibus proposals and can’t find any analysis of the value of optimisation/reduction of waste by baking in accountability and documenting how things work in an organisation.
(It can be between 10-35% of turnover)
(It can be between 10-35% of turnover)
That was the first of the things. There were several identified. Many of them were work practices that were actually *costing the organisation money*. The audit was the first time they had actually thought about their data handling in a joined up way.
November 24, 2025 at 9:21 AM
That was the first of the things. There were several identified. Many of them were work practices that were actually *costing the organisation money*. The audit was the first time they had actually thought about their data handling in a joined up way.
For example, if you are a small business and you have outsourced payroll, and you remit payroll returns to the tax authority on a monthly basis, congratulations you have a processing activity where data is transferred to a recipient. Oh, and your payroll processor is in a 3rd country.
November 19, 2025 at 6:55 PM
For example, if you are a small business and you have outsourced payroll, and you remit payroll returns to the tax authority on a monthly basis, congratulations you have a processing activity where data is transferred to a recipient. Oh, and your payroll processor is in a 3rd country.
For example, the provisions around provision of information (Data Protection Notices) are so heavily caveated that Data Controllers will likely need to either roll the dice they meet the exception criteria or keep a record of why they think they do for each processing activity.
November 19, 2025 at 6:55 PM
For example, the provisions around provision of information (Data Protection Notices) are so heavily caveated that Data Controllers will likely need to either roll the dice they meet the exception criteria or keep a record of why they think they do for each processing activity.
Thinking through some of the practical implications of some of the "lets make things easier" provisions of this Omnibus, from a governance perspective they might just result in the burden shifting rather than being removed.
November 19, 2025 at 6:55 PM
Thinking through some of the practical implications of some of the "lets make things easier" provisions of this Omnibus, from a governance perspective they might just result in the burden shifting rather than being removed.
As I'm reading the Omnibus, I am reflecting on another document that dropped a decade ago triggering ripples in the #DataProtection and #DataEthics world. www.edps.europa.eu/sites/defaul...
(And I wonder if Shaftesbury had people tweaking the Factories Acts to keep smallest kids cleaning chimneys.)
(And I wonder if Shaftesbury had people tweaking the Factories Acts to keep smallest kids cleaning chimneys.)
www.edps.europa.eu
November 19, 2025 at 5:07 PM
As I'm reading the Omnibus, I am reflecting on another document that dropped a decade ago triggering ripples in the #DataProtection and #DataEthics world. www.edps.europa.eu/sites/defaul...
(And I wonder if Shaftesbury had people tweaking the Factories Acts to keep smallest kids cleaning chimneys.)
(And I wonder if Shaftesbury had people tweaking the Factories Acts to keep smallest kids cleaning chimneys.)
The SME / NGO clients I work with who only do business in Ireland won't see much benefit of single portal as they already have to deal with just one portal.
Also, at first glance, some of the assessments of economic impact read like "put things in a spreadsheet and drag the cell to get big number".
Also, at first glance, some of the assessments of economic impact read like "put things in a spreadsheet and drag the cell to get big number".
November 19, 2025 at 4:52 PM
The SME / NGO clients I work with who only do business in Ireland won't see much benefit of single portal as they already have to deal with just one portal.
Also, at first glance, some of the assessments of economic impact read like "put things in a spreadsheet and drag the cell to get big number".
Also, at first glance, some of the assessments of economic impact read like "put things in a spreadsheet and drag the cell to get big number".