healthcheck-step-1 Created with Sketch. 1 image/svg+xml
Business, taken personally.

Data Protection Officers: have you appointed yours?

Posted by Lotty Reeves on 25th November 2019

Even though the introduction of the General Data Protection Regulation (the GDPR) feels like a dim and distant memory, organisations continue to grapple with data protection principles and how to achieve best practice.

To ensure the data protection principles and objectives behind the GDPR are met, thousands of organisations across the country have appointed a Data Protection Officer (DPO).

Although the concept of a DPO isn’t new, the GDPR sets out a number of new requirements regarding the role and what tasks they must undertake.

Is it mandatory to appoint a DPO?

It is mandatory to appoint a DPO if you are a public authority or body, and/or if your core activities involve large scale monitoring and processing of individuals or special categories of data relating to criminal convictions and offences.

Appointing a DPO helps organisations stay the right side of the GDPR. The ICO (Information Commissioner’s Office) strongly recommend that if you process personal data (be it information about staff, customers, or third-party suppliers) you should appoint a DPO.

Any organisation that decides against appointing a DPO needs to document the reasoning behind the decision as any organisation can be investigated by the ICO for not appointing a DPO.

What are my obligations once a DPO is appointed?

A DPO plays a key role in building data protection into any organisational culture. They are responsible for ensuring the GDPR principles are implemented in practice, and suitable data records and filing fees are dealt with in the applicable time scale. To do this efficiently the organisation must provide training so that DPOs can stay up to date with data protection developments.

Where can you find suitable training?

Expert-led by Endeavour Partnership’s Data Protection expert Jessica Maine, our DPO training is designed specifically for businesses. Jessica works side by side with you and your DPO to develop their knowledge of the GDPR, providing practical tips on how to effectively manage and ensure your organisation’s data compliance.

To book your DPO training session please contact Jessica directly on j.maine@endeavour.law or give her a call on 01642 610325


Share this post: