Development a comprehensive reporting framework for the CEO / senior management team.
Detailed DPO reports will issue on a quarterly basis to ensure appropriate oversight.
Data Process Flow Assessments – This is the final stage of this process to have a constant review process on documented process flows to ensure compliance with GDPR.
Detailed Data Protection Assessment across all applicable articles of GDPR regulations.
Vendor and Data Processor audits to ensure third party compliance with GDPR regulations. Issue remediation programme were breaches identified and monitor/report of progression to compliance.
Complete Data Privacy Impact Assessments on new products / services to ensure GDPR compliance through privacy by design and by default.
Subject Access Request’s (SAR’s) – As DPO the role under a SAR will be to manage the SAR process to ensure all departments, data processors and any relevant third parties provident data on a timely basis for DPO assessment process. The DPO is not responsible for collating documentation requested by Data Subject, but instead managing process and assessing basis for document inclusion.
Data Incidents / Breaches – DPO will be the principal responsible for review and management of Data Breaches. As recommended by the Data Protection Commissioner, a risk-based audit approach will be adopted.
Direct Access to DPO – Dedicated email address to the DPO for queries from Data Subjects and Stakeholders. This will be easily accessible on the company website.
DPO will have access to all company records to facilitate the completion of the role.
DPO will be the principal point of contact with the Data Protection Commissioner.
DPO will provide an annual executive summary to the board of directors for assessment purposes in relation to activities undertaken by DPO.