Leveraging ‘Data Protection Champions’ to meet DP goals
Jenai Nissim and Alison Deighton from HelloDPO discuss what data protection champions can be expected to do, and how they can benefit organisations in their compliance efforts.
As a data protection officer, two of the key objectives when it comes to training and awareness are to:
- ensure that they are “involved, properly and in a timely manner, in all issues which relate to protection of personal data” (Article 38(1)) of the General Data Protection Regulation 2016/679 (GDPR); and
- “monitor compliance with [the GDPR] … including the assignment of responsibilities, awareness-raising and training of staff involved in processing operations and the related audits” (Article 39(1)(b)).
Most organisations will not have an infinite amount of resourcing to dedicate towards data protection compliance. It therefore falls upon data protection officers to think about creative ways to leverage any available resources (or allies) that they have internally to meet their obligations under the GDPR, not only to ensure that they meet their statutory responsibilities as a data protection officer, but to ensure that the organisation as a whole complies with data protection requirements.
UK Report subscribers please login to access the full article.
If you wish to subscribe please see our subscription information.