Flexible Work, Better Balance
Article
6 mins read
Updated on 16 February 2023
A lot of the advice we provide around data protection compliance concerns the importance of being able to illustrate the steps you have taken to comply with the data protection regime as it applies to your business.
Accountability is one of the key principles of the UK/EU GDPR (“GDPR”) and appointing a data protection officer (DPO) that has the relevant knowledge and expertise is one of the ways you can show you are accountable to the individuals whose data you process. Although the GDPR doesn’t oblige every business to employ a Data Protection Officer (“DPO”), a good rule of thumb is to assume that you do need a DPO unless you can clearly demonstrate that the GDPR requirements for appointing a DPO don’t apply to you.
Here we examine the roles and responsibilities of the DPO within an organisation, ask whether you need to appoint one. A comm...