What is a DPO?
The General Data Protection Regulation (GDPR) makes it compulsory for some organisations to appoint a data protection officer (DPO), an expert in data protection law and practice. Effective from 25th May 2018, the GDPR brings sweeping changes and potential fines of up to 4% of worldwide annual turnover (or €20,000,000). However, hiring a full-time DPO is likely to be challenging – and expensive – due to a shortage of suitable talent.
The GDPR allows you to fill the role of a DPO using an external service provider. Outsourcing your DPO requirements to ProDPO™ spares you the challenges and expense of recruiting a full time employee.
Hiring ProDPO™ as your external DPO means that you can rely on our expertise in data protection law and practices to:
- Inform and advise your organisation and its employees on the requirements of the GDPR.
- Monitor your organisation’s compliance with the GDPR.
- Advise on data protection impact assessments (which become mandatory under the GDPR for certain activities).
- Cooperate with the data protection authority, and act as the designated point of contact for the supervisory authority.
We can provide you with an experienced DPO on a flexible and cost-effective basis, as allowed by the GDPR. For example, your designated DPO can be available remotely via telephone and email or on-site.
Also, since organisations typically require greater resources in the early stages of a compliance project, a flexible approach can be adopted, combining initial on-site service with remote support thereafter.
Do I need to appoint a DPO?
The GDPR makes it compulsory for the following types of organisation to appoint a data protection officer:
Organisations whose core activities require regular and systematic monitoring on a large scale (e.g. web analytics businesses)
Organisations whose core activities consist of large scale processing of special categories of data (such as information concerning individuals’ health, race or sex life or sexual orientation)
Even if your organisation does not fall under one of these categories, you are encouraged to appoint a DPO on a voluntary basis