DPO as a service

DPO as a service

DPO as a service
Hiring a DPO on a month to month basis?

Advantages:

  • A practical and cost efficient solution to comply with GDPR law
  • Flexibly deployable, the amount of working hours is adjustable
  • Takes care of everything partaking to information security
  • Which in turn lets you focus on your core business
  • Access to external independent expertise and a confidant to confide in
  • No conflict of interest between the DPO and other staff
  • Implementation of best practices and use of standards to become compliant in the GDPR
  • This also gives you access to GDPR training, security measures and services

Tasks of a DPO:
The tasks of a DPO as a service are (a combination of) the following elements:

    • Creating a register of personal data processing operations and reviewing these operations.
    • Assessing the risks posed by the personal data processing operations
    • Dealing with operations that are likely to result in a “high risk” and carrying out a Data Protection Impact Assessment (DPIA) or Privacy Impact Assessment (PIA)
    • And repeating the aforementioned tasks on an ongoing basis
    • A DPO also deals with and gives advice on handling personal data breaches
    • They have an investigational task that includes the handling of internal complaints if it directly relates to the their tasks
    • Giving advice on and monitoring of compliance with data protection
    • policies, joint controller-, controller-controller-, and controller-processor contracts, binding corporate rules and data transfer clauses
    • Supporting and promoting Data protection by design & Data protection by default
    • General advisory task that can include but is not limited to giving advice on:
      • data protection and measurements on legal, technical and organizational levels.
      • Data subject rights of “access”, “rectification”, “erasure”, “restriction”, “object (automated decision making)” and “restriction”
      • Managing, monitoring, checking and reporting of incidents and data leaks
      • On current and new developments concerning data processing and security
    • Involvement in codes of conduct and certifications
    • Cooperation with and consultation of the Data Protection Authority (DPA)
    • Handling data subject requests
    • Information and awareness-raising tasks, this can include awareness training on data protection (10% discount on training)
    • Planning and reviewing the DPO’s activities
    • Periodical reports to the board of directors to show progress
    • Point of contact:
      • For the DPA
      • For questions and complaints on privacy within your organization
      • For your organization that relate to data protection

Contact us