What is, and which organizations have to appoint a DPO?
A Data Protection Officer (DPO) is a person in charge of verifying the compliance of personal data processing with the applicable law. The DPO communicates information on processing personal data such as its purposes, interconnections, types, categories of data subjects, length of retention and department(s) in charge of implementing processing. DPOs may be required by law or recommended.
Organizations must designate a DPO who is accountable for the organization’s compliance with the Data Privacy Act. The DPO’s responsibilities include:
- monitoring compliance with the DPA and its implementing rules and related regulations;
- ensuring the conduct of Privacy Impact Assessments;
- advising the employer regarding complaints and/or the exercise by data subjects of their rights;
- ensuring proper data breach and security incident management;
- cultivating awareness on privacy and data protection;
- advocating for the development, review and revision of data privacy guidelines; and,
- serving as the employer’s contact person.
A DPO or Compliance Officer’s contact details must be accessible to concerned parties and must be published on the company’s website and included in privacy notices, privacy policies and privacy guides. The contact details should include the title/designation, postal address, dedicated phone number, and dedicated email address. The individual’s name does not need to be published, but should be available if requested (NPC Advisory No. 2017-01 – Designation of Data Protection Officers).
Led by PeopleDoc’s Chief Legal & Compliance Officer, the HR Compliance Assist team relies on a network of internal and external compliance experts and lawyers, including the global law firm Morgan Lewis, to provide clients with best practices and recommendations on topics such as HR document retention, employee data privacy, and HR electronic records. HR Compliance Assist also provides local compliance monitoring and alert services in select countries where PeopleDoc’s customers have employees. HR Compliance Assist is a service exclusively available to PeopleDoc customers.