A Data Protection Officer (DPO) is a specialised leadership role, dedicated to data privacy and security. Under the GDPR, the role will be mandatory for many organisations. Common responsibilities of the DPO include:
The below are required by GDPR to appoint a DPO although any organisation may appoint one if they feel it is necessary. Also, depending on their size, a single Data Protection Officer can be appointed to act on behalf of a group of organisations. Those that will have to appoint a DPO:
The DPOs will provide a central, high-level focal point for data strategies in the future. This is important as GDPR regulations affect the whole of an organisation, therefore a mistake from any employee could land the whole organisation in breach of a rule and liable to fines. It will, therefore, be integral for DPOs to acquire buy-in from the highest levels when implementing processes, people and technology to ensure personal data is always being handled in the individual's best interest.
We look at how you can justify investment in data quality by understanding the issues with your current business case – and advice on how to make it more powerful.