Our full 'Data Protection Officer as a Service' solution to manage and assure your GDPR Obligations. Outsourcing your Data Protection Officer is a cost effective, conflict free, professional service, where a team of consultants headed by a certified GDPR practitioner will be your nominated representative to the ICO.
The Heart of The DPO® Service
Outsourcing your Data Protection Officer is a cost effective, conflict free, professional service, where a team of consultants headed by a certified data protection practitioner will be The DPO® Data Protection Officer that you will nominate to the ICO.
Many organisations will be familiar with the obligations and responsibilities under the Act. There are however significant differences between the two regimes, including the mandatory appointment of a Data Protection Officer for very many businesses and organisations.
Where Are You Today?
Are you unsure as to whether you have to appoint a Data Protection Officer under the mandatory requirements of GDPR?
GDPR has been clarified by the Article 29 Working Party Guidelines on Data Protection Officers. Certain terms such as ‘large scale’ have been somewhat clarified. For example the processing personal data would not be considered large scale if the processing was undertaken by “an individual physician“ . However it is clear that a large multi-partner medical practice would need to. The European Parliament considered the processing of 5000 records per year to be large scale.
It is now clear that very many existing “data protection officers“ may not have the expertise or knowledge to act as a Data Protection Officer as specifically defined by GDPR and cannot be considered or referred to as Data Protection Officers. GDPR makes it clear what objective qualities are required.
So, no longer may “John from IT“ be an organisation’s Data Protection Officer. Furthermore it has become clear from guidance and case law in Germany that if there is a conflict of interest between the tasks of the Data Protection Officer and the other tasks within the organisation, the appointment may not be compliant with GDPR. Thus, Heads of HR, Legal, or IT and suchlike would be conflicted from being appointed.
The DPO® Data Protection Officer will have no such conflict and will be a certified expert GDPR practitioner.
There will be a significant demand for the very small numbers of Certified GDPR Practitioners in the UK currently available and compliant to be appointed by the large numbers of organisations that require them.
The DPO® can provide the optimum solution to your organisation’s thorny issue of compliance with GDPR now that the legislation has taken effect.