Home / Data Protection Delegate

Data Protection Delegate

Share on Facebook Share on Twitter Share on LinkedIn

A Data Protection Officer " DPO " oversees compliance with the privacy law within a company. Generally the person is chosen who, through his legal duties, has an independent position within a company, also if he is an external one.

The organizations that usually have to present a delegate are:

- Public authorities and organizations;
- Organizations that are dedicated to research;
- Organizations that collect special personal data " for example, religion or political preference " or data related to convictions and criminal offenses.

Differences regarding a director of privacy protection

Many companies now have a director responsible for the protection of privacy. However, this isn't a formal title and they usually perform a more general task than that of a data protection delegate. A privacy protection director continuously evaluates whether a company complies with current privacy laws and regulations, and how it does so, but doesn't necessarily meet all the obligations of a data protection delegate.

Tasks of a data protection delegate

The data protection delegate fulfills both a consulting and control role. The idea is that this professional provides advice on dealing with personal data, and also assess whether your advice has been well implemented. In addition, this person is also a link between the company and the authorities, in the case of some countries, you must deal with the control authority of the relevant autonomous community.

Some of the specific tasks of the data protection delegate are:

- The continuous evaluation of the privacy policy and its implementation.
- Provide advice and interpretation in case of evaluation of data protection impact " research on the possible effects and risks of data processing ".
- Collect the data processing inventories.
- Manage the questions and complaints of employees, customers, patients.
- Advice on security and support technology, such as a document management system " DMS " focused on the GDPR.
- Collaboration with the supervisory authority and constitute the point of contact for them.

What education should a data protection delegate have received?

At the moment, a data protection delegate isn't required to have any title. In practice, most delegates will be those who have been directors responsible for the protection of privacy. Many universities and education centers offer modules or courses that prepare to perform the task of a data protection delegate.

With a view to the future, it's a good idea to establish specific requirements of a delegate in the GDPR. A first step has already been taken with the development of the guidelines. As soon as these are transformed into real laws, an official certification system for data protection delegates will probably also emerge.


See also:
Back to top

Home | About Us | Contact | Privacy Policy | Terms of Use

Copyright 2011 - 2019 - All Rights Reserved