The impending EU General Data Protection Regulations (GDPR) in May 2018 require many firms and entities to appoint a Data Protection Officer (DPO).
Broadly, the DPO will be responsible for:
- Informing & Training – ensuring all employees and management are fully aware of the GDPR obligations and their responsibilities
- Performing Data Protection Impact Assessments (DPIA) – identification of any risks, key controls, and ensuring the completion of any action points
- Monitoring company-wide compliance with the GDPR requirements – creation and performance of monitoring plans of the key risks and key controls
- GDPR reporting – of GDPR breaches to management, regulators and other relevant parties. Additionally, production of relevant and timely Data MI for management and risk governance.
- Being the Data Protection SME – the central point of contact regarding Data Protection and Privacy for the organisation, and all external parties, including the regulator.
Many organisations may look internally to appoint a DPO. However, this can be difficult: the DPO must have the skills and capability to perform the tasks above, and the regulations also stipulate that the DPO must have:
- Appropriate knowledge of designing and implementing Data Protection Programmes – relevant to the size and complexity of the data.
- Experience of EU Data Protection law
However, one of the most important aspects of the GDPR requirements is that the DPO must be independent of the business at all times, with no conflicts of interest, and must not receive instruction from the management or the business on how they perform their role.
Failure to appoint an appropriate DPO would be a breach of the requirements and could result in a significant fine.
Outsourcing the DPO role to risk management experts may be the most cost- and resource-effective way to ensure ongoing compliance with GDPR.
Outsource your DPO role
1RS can ensure you meet your GDPR requirements by providing reliable, flexible, experienced and cost-effective resources.
Benefits of Outsourcing the DPO to 1RS
- Independent of the business and management
- Expert knowledge of EU Data Protection law
- Extensive experience of Data Protection programme implementation
- Risk & Compliance SMEs
- Assured ongoing compliance with GDPR
- No conflict of interest between roles
- Ability to flexibly increase or decrease level of support
How can 1RS help you?
To find out more about how 1RS can help you achieve GDPR compliance……