CHAPTER 2: ROLE OF THE DATA PROTECTION OFFICER
The GDPR takes a role that already exists in some organisations, that of the data protection officer (DPO), and gives it statutory importance.
Within Chapter IV of the GDPR, Articles 37-39, lay out the requirements for appointing a DPO, as well as their specification, role, duties and relationships with other entities (such as data subjects, controllers and processors, etc.).
Whether or not your organisation needs to appoint a DPO comes down to three basic conditions, according to the Regulation.
The controller and the processor shall designate a data protection officer in any case where:
(a) the processing is carried out by a public authority or body, except for courts acting in their judicial ...
Get EU General Data Protection Regulation (GDPR): An Implementation and Compliance Guide - Second edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.