What is a Data Protection Officer?
A Data Protection Officer (“DPO”) is an individual responsible for advising on the implications of data protection laws, developing a company’s data and privacy protection policies and ensuring compliance with the laws.
Who Needs a Data Protection Officer?
With the regulatory climate tightening and legal risks involving personal customer information on the rise, SMEs can no longer afford to ignore privacy issues.
It is essential that businesses with an online presence, whether they offer products or services, have a DPO. For smaller companies, the DPO functions may be carried out in conjunction with other job duties.
The appointment of a DPO, while an essential business practice, may also soon become mandated by law. The EU General Data Protection Regulation, which is a substantial overhaul of the current Data Protection Directive, and which is scheduled to take effect Spring of 2018, will require appointment of a DPO.
Duties of the Outsourced Data Protection Officer
- Develop and draft the data privacy program and policy
- Train all internal staff and ensure training is completed
- Take responsibility for periodic assessment and make changes as necessary to maintain compliance with any applicable laws
- Respond to inquiries regarding the company’s privacy policies
- Process requests and complaints
Contact us for more information about our Outsourced Data Protection Officer services.
The role of the Data Protection Officer is discussed further in our eBook: Data Privacy Law: A Practical Guide.