Under EU GDPR it is now mandatory for all public sector bodies and data-driven European organisations to appoint a Data Protection Officer (DPO).
Duration | Approx. 1 Day pm
Cost | POA
A DPO should manage the data processing activities of all data controllers within their corporate group e.g. HR, Marketing, IT, Business Development. He/ she should also have a policy or procedure in place around any changes to processing activities and be independent of these departments.
Therefore if your current DPO is also a Data Controller they can no longer occupy both roles, in which case you may need to:
Appoint a new Data Protection Officer
Train a new member of staff who is not a Data Controller
Our Outsourced Data Protection Officer Service provides crucial expertise and an affordable alternative to employing a privacy expert to ensure ‘smart compliance’ with the EU General Data Protection Regulation (GDPR). Your outsourced Data Protection Officer will work directly with your leadership team and be your resource to answer any difficult questions arising out of your day-to-day data processing.
The GDPR is a sizeable directive, with three times as many articles and five times as much volume in the document. Here are some of the big changes:
Fines for non-compliance up to €20,000,000 or 4% of global turnover.
Consent can no longer be implied: it must be “freely given, specific, informed and unambiguous”.
Maintaining and enforcing your own organisation’s policies is now a legal requirement under the GDPR.
Privacy by design will be a standard in information management systems.