Everything you need to know about compliance solutions that work for your business. Stay on the right side of the law with ProPrivacy Compliance Solutions.
Your company DPO
Under the GDPR, most businesses and organisations must have an appointed Data Protection Officer. Also known by its acronym, DPO, a Data Protection Officer bears the responsibility of supervising and implementing your company’s data protection policies and procedures.
Central point of contact
Your company’s Data Protection Officer will be the central contact person for the processing of data deletion requests. They’ll also manage and coordinate all queries, and provide strategic input into the way your company collects, stores, and processes personal data. There are certain types of businesses and organisations that are not compelled to appoint a DPO, but they are few and far between.
DPO job requirements
When appointing a company DPO, you will need to apply a list of guidelines for this role. It is possible for you to appoint a DPO within your company itself, but bear in mind the regulations listed in Article 37 of the GDPR. Your DPO does need to have expert knowledge of data protection law and practices. Moreover, your company’s DPO should hold the necessary expertise and knowledge for understanding and implementing your business’ data protection strategy. They will need to have a strong understanding of your business, and as a business owner, you’ll need to be fully transparent with them. Most importantly, when you appoint a DPO, make sure their current role doesn’t interfere with their requirement to monitor and implement your data protection policies and procedures. There can be no conflict of interest when it comes to their role and its responsibilities.
Outsourcing your DPO role
It is possible to outsource the role of your DPO, and appoint one through an external service provider or consultant. Before you palm off this role to the first consultant that pops up in a Google search result, however, bear this in mind: finding the right DPO for your company is not as simple as calling an organisation up, or asking for a consultation. Your data compliance and cybersecurity programme is an essential part of your business operations. The implementation of, and adherence to, it could effectively stimulate your business, or lead to become stymied. That’s why we recommend you don’t just hire the first company you come across: do your research, ask for referrals, and check out their qualifications and expertise. Best of all, ask your potential DPO for information on their work, or if they’d be willing to share anonymised case study information with you. Get a good understanding of who your potential DPO is, and only outsource this role to a company you can truly trust.
Your DPO information
As part of the GDPR, your company’s DPO information must be made public. This is not something you can hide in the back, or make inaccessible to the wider public. The easier you make it for people and companies to get in touch with your DPO, the better the process becomes for everyone.
Does my business need a DPO? Ask ProPrivacy to assist, and we’ll help you figure out your business’ way forward.
Philipa Jane Farley was delighted to represent Network Ireland as part of a panel discussion hosted by Yousef Hazimee, AIB Cyber Security Practice Manager. Read more for the event Q&As.
As GDPR compliance specialists, we outline an important term: Special Category Data
Philipa Jane Farley will help you understand how to change your thinking about GDPR and Compliance and show you how to look at it as a marketing opportunity as opposed to an exercise that grudgingly has to be done.
It’s a big wide world of big data out there. Who does your personal data belong to?
ProPrivacy defines the all-important GDPR term: explicit consent.
ProPrivacy’s Philipa Jane Farley was delighted to join Jonathan Healy on the Red Business Podcast to discuss data protection and cyber security.
Navigating the regulations and requirements of GDPR gets a little easier, once you understand the principles behind GDPR.
ProPrivacy's Useful Cyber Glossary courtesy of Cath Jenkin.
So you have a plan for cyber incident management. Is it enough? Cath Jenkin talks us through testing and improving our plans in this cyber security blog.
ProPrivacy’s Philipa Jane Farley was delighted to join Beacon AI for their panel discussion on The Deconstruction of the DSAR using AI and Automation.
ProPrivacy's Philipa Jane Farley was delighted to join Beacon AI for their panel discussion on The Deconstruction of the DSAR using AI and Automation.