If you are considered a public authority, then you are required by law to appoint a Data Protection Officer, or DPO. This includes Opticians, Dentists and Pharmacists - no matter how small they are, and the GDPR requires that the DPO is an expert on data protection laws and is properly independent to perform the tasks required.
Many forward-thinking organisations have a data protection officer to make sure they stay within the rules and to gain a high level of trust from their customers. It is also good to have someone that understands your business to advise you on data protection issues. It also provides a safety net if your data controller is off work for a protracted period or leaves your organisation.
The Information Commissioner's Office (the ICO) has issued guidance that says the MD or other senior managers cannot be a DPO if they can influence how data is used in the organisation. This is to prevent conflicts of interest.
The good news is you don't need to employ your own DPO, you can use our DPO service. The GDPR and the Data Protection Bill 2018 allow for the use of a contracted DPO that can perform work for many organisations. This delivers expert advice and guidance, when you need it, without the considerable overhead of employing a specialist.
Your nominated DPO will
- Be the registered first point of contact for the ICO
- Deal with communications from the ICO
- Advise your organisation about compliance with data protection laws and other areas of information governance that may apply
- Provide advice and guidance on data protection issues
- Monitor compliance with periodic checks and an annual audit
- Manage internal data protection activities
- Advise on data protection impact assessments
- Be the first point of contact for your data subjects
How it works
- You pay for a minimum number of hours per month (this will vary according to the size of your operation).
- Additional hours (if required) can be accessed at a guaranteed hourly rate.
- You benefit from a fixed price annual audit
- You have direct access to your nominated DPO
- Your DPO will be on hand if you have a data breach to help you handle the situation and minimise the risks