• Development of a comprehensive reporting framework for the CEO / senior management team.
  • Detailed DPO reports will be issued on a quarterly basis to ensure appropriate oversight.
  • Data Process Flow Assessments – This is the final stage of the process: a constant review of documented process flows to ensure compliance with GDPR.
  • Detailed Data Protection Assessment across all applicable articles of GDPR regulations.
  • Vendor and Data Processor audits to ensure third party compliance with GDPR regulations. Issue a remediation programme where breaches are identified, and monitor and report on progression to compliance.
  • Complete Data Privacy Impact Assessments on new products / services to ensure GDPR compliance through privacy by design and by default.
  • Subject Access Requests (SARs) – As DPO, the role under a SAR will be to manage the SAR process to ensure all departments, data processors and any relevant third parties provide data on a timely basis for the DPO assessment process. The DPO is not responsible for collating the documentation requested by the Data Subject, but instead for managing the process and assessing the basis for document inclusion.
  • Data Incidents / Breaches – The DPO will be principally responsible for the review and management of Data Breaches. As recommended by the Data Protection Commissioner, a risk-based audit approach will be adopted.
  • Direct Access to DPO – Dedicated email address to the DPO for queries from Data Subjects and Stakeholders. This will be easily accessible on the company website.
  • DPO will have access to all company records to facilitate the completion of the role.
  • DPO will be the principal point of contact with the Data Protection Commissioner.
  • DPO will provide an annual executive summary to the board of directors for assessment purposes in relation to activities undertaken by DPO.