Data Protection Officers (DPO)

Questions

Does your organisation need a DPO?

No
Yes
Not Applicable

If not, who is going to be responsible for GDPR compliance?

Where a DPO is appointed are escalation and reporting lines in place?

No
Yes
Not Applicable

If a DPO is not required legally, consider whether one should be appointed.

No
Yes
Not Applicable

Recommended Actions

Your organisation should designate someone to take responsibility for data protection compliance and assess whether this role will sit within your organisation’s structure and governance arrangements. You should consider whether you are required to formally designate a Data Protection Officer under GDPR.

Completed
Not Applicable
In Progress

No general obligation to appoint a DPO but the following must appoint a DPO: Public authorities (with some minor exceptions) Any organisation whose core activities require: “regular and systematic monitoring” of data subjects “on a large scale”; or “large scale” processing of Sensitive Data or criminal records; and Those obliged to do so by local law (countries such as Germany are likely to fall into this category)

Completed
Not Applicable
In Progress

Data Protection Officers (DPO)

Questions

Recommended Actions

Reach out to us for a consultation.