Officer Role

GDPR
OFFICER ROLE

0330 332 6262  |  solutions@itoutcomes.com

What is a GDPR Officer?

One of the major changes introduced with the GDPR is the need for some organisations to have a Data Protection Officer (DPO) appointed.  The DPO is an employee or professional hired externally who is responsible for ensuring their organisation is compliant with GDPR.  The officer has an important role!  As part of their job, they need to:

  • Advise and guide their organisation on the requirements of the GDPR
  • Monitor their organisation’s compliance with the regulations
  • Be available during Data Protection Impact Assessments to provide advice
  • Be the main point of contact for data subjects and for co-operation with national supervisory authorities such as the ICO (information commissioner’s office).

It is also important for the DPO to carry out regular data audits and to oversee the implementation of compliance tools.  They must be able to report to senior management should they need to raise any concerns too.

Does My Business Need a GDPR Officer?

Not all businesses will require a data protection officer.  There are three main criteria around the requirement to appoint a GDPR officer:

  1. Where data processing is carried out by a public authority or body;
  2. Where the main data processing operation is regular, systematic and on a “large scale”;
  3. Where any data processing relates to special categories of data such as those relating to criminal convictions or offenses

The above requirements apply to both controllers and processors of data.

It is important to be clear whether the data processing is a key part of the organisation’s activities, for instance a hospital’s main activity is the provision of health care, which involves patient health records (personal data), so they would certainly require a DPO.  A company processing data for payroll or employment purposes are not collecting data as a main part of their job, so they would not require a DPO.  If you are at all unsure, it is certainly worth taking a look at our GDPR services, where we can advise you on the best course of action to take and whether your organisation would require the DPO to be appointed or not.

Get in touch

At IT Outcomes we love to hear from our customers, whether you are new to Managed IT Services, are looking to change your existing supplier or need advice just call or email and our approachable team.

This contact form is deactivated because you refused to accept Google reCaptcha service which is necessary to validate any messages sent by the form.

Privacy Preference Center

    Cookies

    We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.

    Session Cookies, Preference Cookies, Security Cookies
    Session Cookies, Preference Cookies, Security Cookies
    User Login, Post a Comment

    WAIT! BOOK A FREE IT SITE VISIT

    Ignoring IT Issues & Faults that manifest can shutdown organisations!

    Don't ignore these minor issues! Instead speak to IT Outcomes friendly team who won't put the 'sales spin' on your issue, but simple and effective action plan and free advice moving forward!

    This information is NEVER shared with 3rd parties