Tag Archives for " DPO "

DPO Confessional: Think globally, but direct market locally

Applying the consent basis to data processing has territorial implications. Unfortunately, the EU’€™s General Data Protection Regulation contains some ambiguity regarding the proper basis to choose for the purposes of direct marketing -€” the two leading options seem to be legitimate interest or consent. One must look not only to the law but also to custom and practice in each region of interest.

Source: DPO Confessional: Think globally, but direct market locally

A little help with DPO contracts

With the EU General Data Protection Regulation nearly upon us, we at the IAPP have been getting an onslaught of calls and emails from members asking for compliance help.

As the manager of our online Resource Center, I am on the receiving end of the bulk of those questions. Of late, one of the more frequent requests is for a sample data protection officer contract for organizations that need a DPO under the GDPR and plan to outsource the job.

Source: A little help with DPO contracts

GDPR Pushes Up Demand For Data Privacy Officers

New numbers out Wednesday on the cost for companies to implement the European Union’s General Data Protection Requirements (GDPR) compliance vary widely, depending on the industry and the number of employees.

While 80% of companies with between 1 and 9 employees expect compliance to cost their business under $50,000, 92% of those working at an enterprise of more than 1,000 employees expect GDPR compliance to cost their business more than $50,000.

Source: GDPR Pushes Up Demand For Data Privacy Officers 04/12/2018

New WP29 chair talks enforcement, role of the DPO

It was hardly surprising that the impending May 25 deadline for the EU General Data Protection Regulation was top of mind among attendees this week at the IAPP Global Privacy Summit in Washington.

So when the new chairwoman of the Article 29 Working Party sat down for a one-hour interview to discuss GDPR enforcement, the room filled up.

Source: New WP29 chair talks enforcement, role of the DPO

The Next Hot Area Of Law: Privacy

The demand for lawyers who understand privacy is high — and will only get higher in the years ahead.

My view of privacy law’s bright future has only increased from attending this year’s Global Privacy Summit, hosted by the International Association of Privacy Professionals (IAPP) in Washington, D.C. The Summit draws roughly 3,500 attendees each year, and its opening session, held this morning in the cavernous main hall of the Washington Convention Center, was packed — a standing-room-only crowd, to hear the keynotes of Monica Lewinsky, who needs no introduction, and Jon Ronson.

Source: The Next Hot Area Of Law: Privacy | Above the Law

DPO-as-a-Service Options Pop Up as GDPR Deadline Looms

The 25 May deadline for compliance with the EU General Data Protection Regulation (GDPR) is looming large, and many businesses aren’t yet prepared, including for the requirement of implementing a data protection officer (DPO). However, as-a-service options could be a new cottage industry springing up to fill the need.

For public bodies and many private businesses, appointing a DPO is a mandatory requirement under the GDPR regardless of the size of the organization or the resources it has. DPO-as-a-service models can thus benefit smaller businesses that may balk at the need to recruit expensive, full-time, in-house compliance staff.

Source: DPO-as-a-Service Options Pop Up as GDPR Deadline Looms – Infosecurity Magazine

Companies rushing to hire data protection officers pre-GDPR

With the General Data Protection Regulation (GDPR) set to go into effect at the end of May, companies are hiring experienced staff and data protection officers.

However according to new research, 25 percent of all vacancies have been posted in 2018 which shows that many businesses have left compliance to the last minute.

Source: Companies rushing to hire data protection officers pre-GDPR | ITProPortal

Ireland’s DPA Clarifies Role and Appointment of DPOs

The DPC recommends that all organisations who will be required by the GDPR to appoint a DPO should do this as soon as possible and well in advance of May 2018. With the authority to carry out their critical function, the Data Protection Officer will be of pivotal importance to an organisation’s preparations for the GDPR and meeting the accountability obligations.

A DPO may be a member of staff at the appropriate level with the appropriate training, an external DPO, or one shared by a group of organisations, which are all options provided for in the GDPR.

Source: Data Protection Officer

GDPR: A Deeper Look At the Data Protection Officer Role

Deciding whether or not your company needs a data protection officer under the EU’s forthcoming General Data Protection Regulation is not always an easy or straightforward decision.

What’s worse, the difficult decisions don’t end once you have come to a conclusion that, in fact yes you do need one. Now the company has to find the best person for the position, which is no easy task for several reasons. One, the EU has not clearly defined the requirements for the DPO’s job. Two, the role requires several different kinds of expertise.

Source: GDPR: A Deeper Look At the Data Protection Officer Role

How to build and maintain a data governance system

While data mapping and inventory, and establishing a lawful basis for processing, are logically the first two steps on the road to GDPR compliance, these activities require coordination among many people throughout the organization to be performed by at least one person who is both knowledgeable about the GDPR and capable of project management. Whether that person’s title is DPO or not will depend on additional analysis of the relevant GDPR provisions.

Source: Top 10 Operational Responses to the GDPR – Part 3: Build and maintain a data governance system

1 2 3 5
>