Appointing a Data Protection Officer (DPO) is one of the new
requirements under the GDPR that applies to certain organisations due to their use
of personal data. Not all organisations are required to appoint a DPO but some may
wish to appoint a DPO even if not required to do so under the GDPR. A DPO needs
to be sufficiently independent, have expert knowledge of data protection law and
be able to report to an organisation’s senior management.
Bates Wells is here to help you:
- Assess
whether your organisation is required to appoint a DPO under the GDPR; and/ or
- If
you are required to appoint a DPO or wish to do so in any event, to provide
external support with the DPO role.
Our team can act as an external, outsourced DPO service
providing you with the expertise and experience required for a DPO. This
includes:
- Discussions with senior management or core
departments within your organisation about projects involving use of personal
data and advising on the implications under the GDPR
- Liaising with individuals making requests under
the GDPR or any enquiries from data protection authorities
- Monitoring compliance with the GDPR and with
your data protection policies
- Carrying out and reviewing Data Protection
Impact Assessments
- Supporting you with any data security breach
incidents and any breach reporting to individuals or data protection
authorities
- Providing GDPR training and awareness-raising to
your personnel
- Carrying out GDPR compliance audits/ health
checks
- Reporting to senior management on an annual (or
more regular) basis concerning the organisation’s compliance with GDPR
If you’d like to discuss your requirement to appoint a DPO or discuss the external, outsourced DPO service Bates Wells can offer, please contact Victoria Hordern on [email protected].