If you need a Data Protection Officer, finding and positioning them can be difficult. They must be:
- Independent of roles that define the purpose (why) and means (how) of your personal data processes. Typically, the DPO
will be in conflict if they also head up functions such as IT, Operations, Security (e.g. CISO), legal, marketing, audit or HR.
- Experts in European Data Privacy laws, as defined in GDPR. Data Security experience is also important, as this accounts
for 50% of fines.
- Free and able to discuss matters directly with the Board.
For the vast majority of organisations, it will not be a full time role. The DPO must:
- Take time to understand and embed themselves in the business.
- Provide support and advice where required.
- Conduct audit activities and independently report back to the highest level of management.
- Be prepared to oversee Data Subject Requests and Breaches.
Our Outsourced DPO Service is a proven approach to provide the necessary skills at less cost than resourcing internally.
Let us know if you'd like to find out more or to recieve a quote: