Guest user Created: Nov 15, 2017 Last commented: Nov 15, 2017

Person responsible for data protection

In various areas of the documentation, it refers to the “person responsible for Data Protection in your organization.” For example: Sect. 3.5 of the Data Retention Policy. Would the IT Manager role be typical for this or would it be someone higher up such as the head of IT? If we have a DPO, would it be the DPO in that case?

0 0

Assign topic to the user

Select user

Expert

Dejan Kosutic Nov 15, 2017

Answer: If you have the Data Protection Officer, then this is the person responsible for data protection in your company.

If you do not have such function, you can assign a role of person responsible for data protection to someone like Head of IT department, Head of legal department, or similar - GDPR itself does not provide any guidelines on this, but it would be good to have someone with enough authority in the company to make important changes.

See also this article: The role of the DPO in light of the General Data Protection Regulation https://advisera.com/eugdpracademy/knowledgebase/the-role-of-the-dpo-in-light-of-the-general-data-protection-regulation/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Nov 15, 2017

Expert Advice Community