
Data Protection Officer
What is it about?
Whilst only a minority of organisations are required to appoint Data Protection Officers, it is increasingly common to make a voluntary appointment. External DPOs such as Exigia can plug knowledge and skills gaps and provide much needed independent judgement.
How hard can it be?
- Data Protection is complicated and ever changing
- Getting it wrong can lead to serious consequences such as loss of business and even heavy regulatory fines
- Legislation isn’t the only consideration; standards, technology changes and sector practices need to be taken into account
- Internal management are inevitably busy, focused elsewhere and cannot be expected to be as independent as an external advisor
How can we help?
We can really make a difference with
- Audit and review of process and documents
- Briefing papers and reports
- Assessing new programmes
- Risk assessments
- Data Protection Impact Assessments (DPIAs)
- Legitimate Interest, Transfer Risk and other assessments
- Incident handling
- Acting as a point of contact with data subjects for access and data rights requests
- Dealing with the Information Commissioner’s Office
Or you may just value the independent view and advice that only an external DPO can provide.