Tom Fox and Jonathan Armstrong, renowned experts in cyber security, host the award-winning Life with GDPR. In this episode, Tom and Jonathan discuss the Data Protection Officer (DPO) role in light of GDPR – an important requirement outlined in Article 37. They discuss how the European Court of Justice views the role, how Germany had a DPO system in place before GDPR, and that DPOs should be supported by their employer and protected against any potential conflicts of interest. They touch on the shortage of suitable DPOs due to the price and resource requirements of the role, as well as the example of a data protection authority showing up to an organization and finding a person who had been recently trained. Tune in to discover more key insights about the role of the DPO as you stay knowledgeable on GDPR compliance with Life with GDPR.
Key Takeaways:
European Court of Justice and the GDPR System [00:05:46]
DPO Roles and Responsibilities [00:10:50]
Data Protection Authority Visit to an Organization [00:15:26]
Notable Quotes:
- “The Role of a DPO, in simple terms, is to sort of act as a sort of police officer to police the organization’s handling of data.”
- “If you look at GDPR article 37 5, it says that a data protection officer must be designated on the basis of professional qualities. In particular, expert knowledge of data protection law and practices, and there’s a number of duties in Article 39 they have to be able to perform.”
- “Regulators will expect to see competency. And it’s probably easier for a regulator to judge competency than it is to judge conflict of interest.”
- “I think it is definitely worthwhile putting resources in training and also currency.”
Resources
For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.
Connect with Tom Fox
Connect with Jonathan Armstrong
