Data Protection Officer

The data protection officer is a person who ensures that their organisation processes the personal data of its staff, customers, providers or any other individuals in compliance with the demands of GDPR. The DPO may be employed internally or externally.

Under the General Data Protection Regulation, appointing a data protection officer is mandatory if you are a public authority or body your core activities consist of processing operations which require regular and systematic monitoring of Data Subjects on a large scale

According to the Article 29 Working Party:

A commitment to designate a DPO where required in line with article 37 of the GDPR or any other person or entity (such as a chief privacy officer) with responsibility to monitor compliance with the BCRs enjoying the highest management support for the fulfilling of this task.

The DPO or the other privacy professionals can be assisted by a team, a network of local DPOs or local contacts as appropriate. The DPO shall directly report to the highest management level (GDPR Art. 38-3). The BCRs should include a brief description of the internal structure, role, position and tasks of the DPO or similar function and the network created to ensure compliance with the rules. For example, that the DPO or chief privacy officer informs and advises the highest 14 Criteria for approval of BCRs In the BCRs In the application form Texts of reference Comments References to application/BCRs5 management, deals with Supervisory Authorities’ investigations, monitors and annually reports on compliance at a global level, and that local DPOs or local contacts can be in charge of handling local complaints from data subjects, reporting major privacy issues to the DPO, monitoring training and compliance at a local level.

More about Data Protection Officer on Piwik PRO Blog:

GDPR & Data Protection Officer: When You Need To Appoint One

3 GDPR Security Requirements You Need to Set Up

General Data Protection Regulation (GDPR): Actionable Facts and Steps to Follow

GDPR FAQ: Your Most Burning Questions About GDPR Answered. Part 2/3

Improve Consumer Experience in Healthcare with Analytics and Personalization: 3 Powerful Use Cases

By Karolina Lubowicka, Karolina Matuszewska in Healthcare

We believe that successfully enhancing patients' digital journey depends on understanding their preferences. That’s why it's crucial to base your digital strategy on reliable statistics and measurable data. In the United States alone, 96% of hospitals have switched from paper records to online portals to aid doctors track testing, imaging and visits, then offer patients […]

Read more

Piwik PRO Signs an Open Letter Advocating for a Tighter ePrivacy Regulation

By Maciej Zawadziński, Karolina Lubowicka in Data Privacy & Security, News & Releases

Piwik PRO, together with twelve other companies, has signed an open letter urging EU Member States to include strong privacy safeguards in the new Privacy and Electronic Communications Regulation (ePrivacy Regulation).The letter is an initiative of Articl8, an industry group of pro-privacy companies thriving in the face of fierce competition from businesses that harvest personal […]

Read more