The appointment of a data protection officer is mandatory for many companies. But how does the data protection officer actually perform in practice once he or she has been appointed? Among other things, this is the subject of a current audit by the European data protection supervisory authority, in which the Bavarian State Office for Data Protection Supervision (BayLDA) is also involved.
Find out everything you need to know about the testing campaign here!
First point of contact for data protection issues
Data protection officers are not only the first point of contact for the supervisory authorities when it comes to data protection. Rather, the BayLDA describes them as "guarantors of data protection in everyday life," especially for small and medium-sized enterprises. They maintain an overview of data protection objectives in the company and also make a key contribution to the success of data protection-compliant digitization.
DPO as a central innovation in the GDPR
When the GDPR came into force about five years ago, the requirement of the data protection officer was a central and much discussed change. Today, the position of data protection officer is already well established in all member states and the data protection officer has become one of the cornerstones of data protection.
The supervisory authorities' audit campaign now wants to take a closer look at exactly what the position of the data privacy officer looks like in practice. Above all, questions will be asked about qualifications and resources. In addition, possible impairments to the independent and effective performance of duties will be examined.
It is also still questionable to what extent the influence exerted by the exercise of additional functions as a dual role of the data protection officer may contribute to conflicts of interest.
In the same way, the audit action has set itself the goal of examining how the requirement for reporting by the data protection officer at management level must be dealt with.
If you are interested in what questions are specifically asked or want to go through them once yourself, you can find here the test sheet used by the test action.
Until the evaluation is complete, it remains exciting to see what conclusions will be drawn about the position of the data protection officer.
If you would like to know more about the topic of data protection officer, you are welcome to read here all our blog articles on this topic.
Do you have questions about data protection officers or data protection in general? Our team of experts will be happy to advise you. We can also offer to provide you with a professionally trained External Data Protection Officer so that you no longer have to worry about anything. Feel free to contact us on any topic without obligation here!