A. Šidlauskas Mykolas Romeris University (LITHUANIA)

1 OPPORTUNITIES FOR DPO (DATA PROTECTION OFFICER) OCCUPATIONAL TRAINING AND IMPROVEMENT. A. Šidlauskas, Mykolas Romeris University (LITHUANIA)

2 In 1995, the European Parliament enacted into law a Data Protection Directive with the intent of securing personal data. In 2016 the directive was updated into what is now known as the General Data Protection Regulation (GDPR), with the regulation going into application on the 25th of May 2018.

3 The scientific problem is that data protection officers do not possess in-depth knowledge of how to apply the GDPR, nor do they know how to improve and raise their qualification.

4 The main purpose of this article is to present some recommendations that would help DPOs enhance their knowledge and raise their qualification.

5 The main purpose will be accomplished through the following tasks: 1. Overviewing the GDPR. 2. Examining the principal occupational functions of DPOs. 3. Assessing the opportunities for DPO training and improvement.

6 Methodology. This scientific article shall use the following methods: document analysis, review of scientific literature, case studies and generalization.

7 The GDPR is based on seven key principles: Lawfulness, fairness and transparency; Purpose limitation; Data minimization; Accuracy; Storage limitation; Integrity and confidentiality (security); Accountability. Compliance with the spirit of these key principles is a fundamental building block for good data protection practice.

8 The GDPR empowers data subjects with individual rights that include being informed, requesting access to their information, obtaining and reusing their data across different platforms (data portability), rectifying and erasing their personal data, objecting to automated processing, and withdrawing their consent under some circumstances.

9 The Data Protection Officer (DPO) is a new position introduced in companies, as the GDPR requires certain companies to appoint a DPO to ensure compliance within the company. These officers should inform the organisation about the GDPR and maintain compliance internally. Furthermore, the officer is the point of contact for the supervisory authority and the individuals whose data is being processed.

10 The DPO appointment is mandatory only for those controllers and processors whose core activities consist of processing operations which require regular and systematic monitoring of data subjects on a large scale or of special categories of data or data relating to criminal convictions and offences.

11 The DPO must: 1. Inform and advise firms and employees who carry out data processing on applicable data protection provisions; 2. Monitor compliance with the GDPR, other data protection provisions, and additional internal data protection policies; this includes training and auditing; 3. Advise on data protection impact assessment (DPIA); 4. Cooperate with the supervisory authority; 5. Serve as main contact for the supervisory authority.

12 The GDPR says that you should appoint a DPO on the basis of their professional qualities, and in particular, experience and expert knowledge of data protection law. It doesn’t specify the precise credentials they are expected to have, but it does say that this should be proportionate to the type of processing you carry out, taking into consideration the level of protection the personal data requires.

13 DPO training and improvement opportunities: GDPR; Supervisory authority; GDPR compliance audit; Public information about GDPR; GDPR workshop and conferences; GDPR certification training courses. To improve their knowledge and qualification, DPOs should not limit themselves to any single one of these measures, as the measures may also be employed together as a set.

14 DPOs are required to possess extensive knowledge of the GDPR laws in order to execute their office effectively and demonstrate full compliance with the regulations. The DPO role is multifaceted and requires extensive knowledge of IT management, systems, data processing, and of the GDPR law, in order to overcome and prevent cyber-threats.

15 End of presentation Thank you!

