The General Data Protection Regulation (GDPR) which came fully into force in May 2018 requires many data controller organisations to appoint a Data Protection Officer (DPO). Even organisations not obliged to have a DPO may well find it highly desirable to have their compliance co-ordinated by a single individual.
The DPO should, for example:
Spearhead the move to compliance with the GDPR
Carry out a thorough audit of all the organisation’s processing of personal data
Devise new Privacy Notices and responses to Subject Access Requests in the fuller forms required by the GDPR
Establish efficient procedures for Privacy Impact Assessments, Subject Access Requests and data breaches, etc.
Set up procedures and policies to maintain the organisation’s full compliance with the GDPR, including procedures to record the organisation’s authority and consents for processing the personal data (‘lawfulness of processing’)
This course will address these points in a pragmatic and practical way and will be an invaluable introduction to the responsibilities of the DPO for anyone expecting to take on this role.