Data Protection Officer for GDPR requirements and deadlines
Data Protection and GDPR become enforceable from 25 May 2018. Stronger rules on Data Protection from 25 May 2018 mean citizens have more control over their data and business benefits from a level playing field. One set of rules for all companies operating in the EU, wherever they are based. Find out what this means for your company.
Data Protection Officer DPO
A Data Protection Officer DPO is a certified person with expert knowledge of data protection law and practices that should assist the controller or processor to monitor internal compliance with GDPR Regulation.
The DPO is similar but not the same as a Compliance Officer as they are also expected to be proficient at managing IT processes, data security (including dealing with cyber-attacks) and other critical business continuity issues around the holding and processing of personal and sensitive data. The skill set required stretches beyond understanding legal compliance with data protection laws and regulations.
What is Personal Data?
The definition of Personal Data covers any information relating to an identified or identifiable natural person (‘Data Subject’); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.
Personal Data: Name, Address, Localisation, Online Identifier, Health Information, Income, Culture profile etc
The Importance of the GDPR Rules
Why change the rules? For building a safe environment for all users and business owners.
What a company must do
To be GDPR compliant a company should begin with the following: