The Outsourced Data Protection Officer (DPO) service is designed to satisfy an organisation’s legal responsibility to designate a DPO, whether that be mandatory or voluntary.
If you are lawfully required to appoint a DPO, or choose to appoint one voluntarily – consider an outsourced Data Protection Officer arrangement.
We are an established data protection and information security consultancy with international experience, our team are involved in outsourced DPO responsibilities across different business sectors and provide invaluable expert advice.
Under business as usual (BAU) the Outsourced DPO undertakes or commissions the following tasks:
- reviewing documentation (e.g. policies and procedures)
- attending client sites to monitoring work practice compliance
- providing training/raising awareness about data protection issues/priorities
- undertaking or advising on DPIAs, security incident investigations, or rights requests
- advising on processor contracts and sharing agreements
- undertaking periodic data compliance audits
- submitting periodic compliance assurance reports to senior management
- liaison with and representing the client to the ICO and data subjects
- testing information security controls
The DPO will also maintain or check the maintenance of:
- information asset registers
- appropriate privacy information
- personal data breach logs
- data subject rights request logs
- information risk register
- other elements of the information governance framework
Providing we can undertake the function of a Data Protection Officer as envisaged by the law, we will work with you to design an appropriate outsourced DPO service that meets your operational needs, your budget, and ensures you remain within the law with regard to the role and responsibilities of the DPO.
Our account support team in Leeds will send to you, at the end of every month, a statement of the time expended on the provision of the outsourced DPO service making for transparency and accountability.
Click here to discuss how we can help you with outsourcing a DPO.
Send us a Message
to DPIA or not to DPIA
What is a DPIA? A Data Protection Impact Assessment (DPIA) is a process to help you identify and minimise the data protection risks of a project.... Read More
GDPR Radio – News & Views
During today’s session of GDPR Radio, we discussed the news of the week from the world of Data Protection. We kicked off the webinar by... Read More
What is the Freedom of Information Act?
The Freedom of Information Act 2000 (FOI) provides the public with access to information held by public authorities. The FOI requires public authorities to publish... Read More
skills shortage in the privacy space?
I’ve been reading about skills shortages in the news: HGV drivers, chefs, fruit pickers… and now that we have come to advertise several new posts... Read More
Data Retention – Best Practices, Examples & More
We kicked off this session by discussing the news of the week, we spoke about online racism, Matt Hancock, wealth screening, ICO fines and more.... Read More
GDPR Radio – News & Views
We host GDPR Radio every other Friday between 12:30-13:30, it’s a laid back, collaborative session where we discuss recent news, share our views and answer... Read More