GDPR – The Role of the Data Protection Officer (DPO)

Slides:



Advertisements
Similar presentations
1 The Data Protection Officer at work Experience, good practices and lessons learnt Pierre Vernhes – former DPO at the Council of the EU Workshop on Data.
Advertisements

Webinar: How to handle PRP appeals Presented by Heather Mitchell, employment lawyer at Browne Jacobson.
IAEA International Atomic Energy Agency Responsibility for Radiation Safety Day 8 – Lecture 4.
The Use of Actuaries as Part of a Supervisory Model Michael Hafeman – Consultant World Bank May 2004.
SOLGM Wanaka Retreat Health and Safety at Work Act 2015 Ready? 4 February 2016 Samantha Turner Partner DDI: Mob:
The EU General Data Protection Regulation Frank Rankin.
1 Vereniging van Compliance Officers The Compliance Function in Banks Amsterdam, 10 June 2004 Marc Pickeur CBFA CBFA.
Foresight and Futureproofing Your chance to hear about the big issues facing the third sector in 2016.
All you need to know about MATs
General Data Protection Regulation (EU 2016/679)
HIPAA Privacy Rule Training
Government Internal Audit Career
Tony Sheppard Mobile Guardian
ACADEMY CONVERSION AND MEMBERSHIP OF THE CHILTERN LEARNING TRUST
Governance and Management Trust Board of Directors Trustees for all Academies in Trust Senior Management Staff Appointed by Board to discharge.
Governance and Management
Providing assurance on risk management and controls
Nick MacKenzie, Partner, Browne Jacobson LLP
GDPR Module 3: Accountability and Governance
Running a Privacy Impact Assessment (PIA)
HEALTH AND SAFETY AT WORK ACT 2015
Deployment of a DPO Niamh Gavin AIB Data Protection Legal
Information Destruction; 2017 and beyond!
GDPR Awareness and Training Workshop
General Data Protection Regulations: what you really need to know
General Data Protection Regulations Preparing for the upcoming changes in data protection law David Jones & Angharad Williams.
Museums + Heritage webinar, 30 November 2017
PRESENTATION BY THE LOA TO THE PORTFOLIO COMMITTEE ON FINANCE
Data Protection Legislation
GDPR support January GDPR support January 2018.
DNV experiences and viewpoints
GDPR - Individual’s Rights
GENERAL DATA PROTECTION REGULATION (GDPR)
The Role of the Data Protection Officer
GDPR in schools and academies
The Audit Function.
Data protection reform – update from the ICO
Information Governance
Data protection in the Education Sector - understanding the impact of GDPR Tuesday 23rd January 2018.
The GDPR & Schools - An Introduction -
GDPR – Practical Implementation Managing contracts, procurement and relationships with suppliers Terry Brewer Chief Executive.
Clerking a Governing Board
General Data Protection Regulation
GDPR: How to ensure a culture of compliance
Preparing for the GDPR - What do we need to do if we process children’s personal data? Data Protection Practitioners’ Conference 2018 #DPPC2018.
Data Protection What’s new about The General Data Protection Regulation (GDPR) May 2018? Call Kerry on Or .
Mathew Norman, Policy & Public Affairs Officer, RLA Wales
GDPR (General Data Protection Regulation)
How we’ll prepare for the General Data Protection Regulation (GDPR)
TYPE IN CENTRE NAME LEVEL 1 GDPR AWARENESS TYPE IN NAME
IMPLICATIONS OF GDPR ROBERT BELL.
Welcome!.
 How does GDPR impact your business? Pro Tip: Pro Tip: Pro Tip:
Confidentiality of Information Acknowledgment and Agreement 2018
Where are you now with GDPR?
 GDPR Readiness Quiz Quick Insight: Quick Insight: Quick Insight:
DUTIES AND RESPONSIBILITIES OF THE BOARD OF DIRECTORS
GDPR PERSONDATAFORORDNINGEN I PRAKSIS
What Governors need to know about GDPR
TYPE IN CENTRE NAME LEVEL 1 GDPR AWARENESS TYPE IN NAME
ADD YOUR LOGO HERE TYPE IN CENTRE NAME LEVEL 2 GDPR AWARENESS
The General Data Protection Regulations 2016
ADD YOUR LOGO HERE TYPE IN CENTRE NAME LEVEL 1 GDPR AWARENESS
GDPR: Understanding your obligations and the ongoing challenges
GDPR success: Evidencing outcomes
Internal Audit’s Role in Preventing Fraud and Corruption
TYPE IN CENTRE NAME LEVEL 2 GDPR AWARENESS TYPE IN NAME
Developing and Evaluating Processes and Practices
Getting Ready For GDPR Simon Marks Director
A. Šidlauskas Mykolas Romeris University (LITHUANIA)
Presentation transcript:

GDPR – The Role of the Data Protection Officer (DPO) Dai Durbridge

This session Run through the role of the DPO Time to answer some questions

Why all the fuss about GDPR? Update to 1998 Data Protection Act Creates DPO role Refocus on stronger data security and privacy rules Up to €20,000,000 fine 25 May 2018

Do we need a DPO? Yes GDPR requires a DPO to be appointed by public authorities and (currently) this includes state schools and academies

Was there a rumour schools won’t need a DPO? There was indeed…

Do MATS need a DPO for each academy No MAT is a single legal entity so the requirement will be for one DPO per MAT However, consider the team the DPO needs around them

What does the DPO role entail? Articles 37 to 39 Monitor GDPR compliance and implementation and application of data protection policies Inform/advise school and staff about GDPR obligations Advise whether and how to carry out DPIA

What does the DPO role entail? Cont… Be the point of contact for the ICO Train staff Carry out internal data audits

What qualifications does a DPO need? No precise credentials specified by the GDPR, but…. DPO must have expert knowledge of data protection law and practice Training will be needed Recognised accreditations likely in due course

What support should the school provide? Active support of the DPO function by senior management Sufficient time and resources for DPO to fulfil their duties Communicate designation of DPO to all staff Continuous training

What support should the school provide? Cont… Ensure DPO is involved in all data protection DPO reports to SLT/governors/MAT Board DPO operates independently DPO can be contacted by data subjects

Who should be your DPO? No need to employ new person or make it a sole role Consider experience and knowledge of data protection law and practices Can be a DPO for more than one school – but consider: Organisation structure and size Accessibility of the DPO from each establishment

What about potential conflict? GDPR Working Party: “As a rule of thumb, conflicting positions may include senior management positions (such as chief executive, chief operating, chief financial, chief medical officer, head of marketing department, head of Human Resources or head of IT departments) but also other roles lower down in the organisational structure if such positions or roles lead to the determination of purposes and means of processing.”  

How does this apply to my school? Not about the title held but the role undertaken First focus on the abilities of the candidate then address whether that person – because of the role they undertake – is conflicted IT lead is best example

Can I outsource the DPO role? Yes Consider due diligence, cost, SLAs

Should I take the role if offered? The million dollar question!

Talk to us Please note The information contained in these notes is based on the position at January 2018. It does, of course, only represent a summary of the subject matter covered and is not intended to be a substitute for detailed advice. If you would like to discuss any of the matters covered in further detail, our team would be happy to do so. © Browne Jacobson LLP 2018. Browne Jacobson LLP is a limited liability partnership. Dai Durbridge | 0330 045 2105| dai.durbridge@brownejacobson.com

GDPR – The Role of the Data Protection Officer (DPO) Dai Durbridge 27 November 2017

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.