Data Protection Officer - An official responsible for enforcing an organization’s personal data protection law. This term is defined in the general data protection regulation and is described in articles 37 [1] , 38 [2] and 39 [3] and is mandatory for compliance with the regulation.
The data protection officer is appointed on the basis of professional qualities and, in particular, expert knowledge of the general data protection regulations for the following tasks:
- Inform the controller and data processor of their obligations regarding data protection regulations;
- Monitor compliance with the rules and regulations;
- Be a representative in the regulatory oversight body;
- To be a consultant in any situations affecting the regulation.
The data protection officer must be directly subordinate to the highest authorities in the organization; should not receive any instructions on the performance of their duties from the controller or data processor; be fired / fined for the performance of their duties; can perform other functions if they do not contradict the main job descriptions.
Notes
- ↑ Regulation (EU) 2016/679 (General Data Protection Regulation). Designation of the data protection officer .
- ↑ Regulation (EU) 2016/679 (General Data Protection Regulation). Position of the data protection officer .
- ↑ Regulation (EU) 2016/679 (General Data Protection Regulation). Tasks of the data protection officer .