DPO (Data Protection Officer)
There has never been a more appropriate time to appoint a DPO in your organisation, with many consultancy firms selling or dangling the risk of substantial fines from ICO as a key driver, we take a slightly different approach. The appointment of a DPO under the EU General Data Protection Regulation (GDPR) is only mandatory in three situations: when the organisation is a public authority or body, or when the organisation’s core activities consist of either:
1. Data processing operations that require regular and systematic monitoring of data subjects on a large scale; or
2. Large-scale processing of special categories of data (i.e. sensitive data such as health, religion, race, sexual orientation, etc.) and personal data relating to criminal convictions and offences.
There is no exemption for small and medium-sized enterprises (SMEs), which has been reaffirmed by the Information Commissioner’s Office (ICO)
It makes sense to appoint a DPO but who with your current staff has the time or knowledge?
Under GDPR there has never been a better opportunity to revisit what you do and challenge why. A real chance to streamline how you work, back to basics and minimise your risks. That's why we offer DPO as a service to give you firstly peace of mind that you are compliant, secondly that working collabartively we can help identify these unhelpful areas and make some positive recomendations.
Why not take a look at our packages for DPO as a service (DPOaaS) and see which would suit you best - of course if you want something more tailored then please get in touch and we will work our magic for you.