2. Why do you need a DPO?
• The EU GDPR (General Data Protection Regulations) come into effect on the 25th May
2018 (Directive on 5th May 2018)
• Places significant legal responsibilities on organisations that collect, store or process
data.
• Fines of up to 5% of global turnover may apply for breaches of the regulation
• Under Article 35, Companies are required to appoint a designated Data Protection
Officer as a stand alone function if they employ more than 250 employees OR whose
core activity includes regular and systematic monitoring of data subjects
• A group of undertakings can appoint a single Data Protection Officer
• Need to act now to have policies and procedures in place so that data and processes
are compliant when GDPR takes effect (as it will affect legacy data and systems)
3. What does a DPO do?
• Responsible for everything related to Data Protection within your company
• A central and independent function operating within a company or group of companies
(does not take instruction from the company)
• Responsible directly to the board
• Informs and advices about obligations pursuant to the regulation
• Monitors the implementation and application of data protection policies
• Assigns responsibilities to employees and departments within company (e.g. IT, Data,
creative, data capture, research, call centres)
• Training staff involved in processing and handling of data
• Ensures appropriate consent and permissions are in place
• Handles SAR’s (Subject Access Requests)
• Point of contact for the ICO or FEDMA
4. What does a DPO do?
PIA
(Privacy Impact Assessment)
Advices on obligations under
GDPR including staff training
Implements & monitors Data
Audit, processes, SARs
Privacy by Design
(IT and Cyber security)
Data Protection
Officer
5. Your duties under GDPR
• Appoint a Data Protection Officer
• Minimum of 2 year contract – employed or service contract
• Independent of instruction, reporting to the board
• Make changes recommended by the DPO in a timely manner
• Support and involve the DPO at management and operational levels
• Make office space, staff and resources available as required
6. DATUM SOLUTIONS
• Datum are an independent data solutions agency
• ICO Registered
• An outsourced solution
• More cost-effective and flexible than internal resource
• Experts in data protection law, regulation and policy
• Specialist team of cyber security experts and infrastructure
• Many associated Data Services
7. DATUM
please contact us on:
dpo@datumsolutions.co.uk
we promise not to share your details with any third
parties.....without your specific consent