Does your organisation need a DPO?
Under the GDPR, a Data Protection Officer (“DPO”) must be appointed where a business or organisation is:
- processing large amounts of special category personal data (e.g. insurers, healthcare providers, etc.);
- regularly monitoring individuals (e.g. profiling by data analytics companies, loyalty brand companies, online retail companies etc.); or
- otherwise required to do so by Member State law
Public bodies or authorities must also appoint a DPO. A DPO will be expected to have an expert understanding of data protection law and practices; their appointment may be a standalone role or a part-time responsibility. A group of companies/organisation may appoint a single DPO, provided that the DPO is easily accessible from each establishment.
We can support organisations in selecting a DPO or in-house Privacy Lead, or we can be your DPO.
Appointments can be on a full-time or part-time basis. Where a current employee takes on a dual role, it will be necessary to ensure that their existing role is compatible with his/her new duties as DPO and does not result in a conflict of interests.
We become a trusted and critical part of your team, keeping you focused on getting and staying compliant. We can provide ongoing support, training and regulatory assistance, including representing you in any litigation, enforcement proceedings or prosecutions.
- We can help with one-off or specific projects, for example, conducting Privacy Impact Assessments for a new products/services, or assisting with responses to Data Subject Access Requests.
- Alternatively, we can offer ongoing support on a retainer basis as Virtual DPO
- We can also act as an interim DPO when an in-house DPO is on leave or if there is a short-term vacancy.
For details on the cost-effective assistance we can offer you, please contact
David Fagan on +353 1 636 3165 or david.fagan@bizlegal.eu