Data Protection Officers

The GDPR introduced a requirement to appoint a Data Protection Officer for many bsuinesses

The tasks of the Data Protection Officer (DPO) are considerable and include:

  • Informing and advising the company on obligations under the GDPR.
  • Monitoring compliance with the GDPR.
  • Providing advice as requested in relation to Data Protection Impact Assessments and monitoring the performance of those assessments.
  • Co-operating with the Information Commissioner's Office (ICO).
  • Acting as a contact point, particularly in relation to where there is a serious data breach (which needs to be reported to the ICO within 72 hours).

The DPO’s role is an onerous one. It is not the case that this should just be forwarded to someone within your business who has very little to do or you would like to give more responsibility. They should be fully conversant with the data protection laws and be able to fulfill all required tasks.

Although the DPO can be an internal source, there are no restrictions on appointing an external consultant and that’s where we come in. SRF have considerable expertise in relation to this area of law and can perform the DPO service for your company (and/or your group of companies collectively), offering competitive rates, which can be agreed on an individual basis or subject to specific requirements.