The Outsourced Data Protection Officer (DPO) service is designed to satisfy an organisation’s legal responsibility to designate a DPO, whether that be mandatory or voluntary.
If you are lawfully required to appoint a DPO, or choose to appoint one voluntarily – consider an outsourcing arrangement.
Why choose us?
We are an established data protection and information security consultancy with international experience, our team are involved in DPO responsibilities across different business sectors, and provide invaluable expert advice.
Under business as usual (BAU) the Outsourced DPO undertakes or commissions the following tasks:
- reviewing documentation (e.g. policies and procedures)
- attending client sites to monitoring work practice compliance
- providing training/raising awareness about data protection issues/priorities
- undertaking or advising on DPIAs, security incident investigations, or rights requests
- advising on processor contracts and sharing agreements
- undertaking periodic compliance audits
- submitting periodic compliance assurance reports to senior management
- liaison with and representing the client to the ICO and data subjects
- testing information security controls
The DPO will also maintain or check the maintenance of:
- information asset registers
- appropriate privacy information
- personal data breach logs
- data subject rights request logs
- information risk register
- other elements of the information governance framework
Providing we can undertake the function of a DPO as envisaged by the law, we will work with you to design an appropriate service that meets your operational needs, your budget, and ensures you remain within the law with regard to the role and responsibilities of the DPO.
Our account support team in Leeds will send to you at the end of every month a statement of the time expended on the provision of the DPO service making for transparency and accountability.
Click here to discuss how we can help you with outsourcing a DPO.