Data Protection Officer

  • Maintain a good level of awareness of data protection issues, updates and developments
  • Review Records of Processing Activities (‘Information Asset Registry’) once per annum
  • Receive requests to update or amend Information Asset Registry from departmental heads and ensure these are actioned
  • Ensure a ‘fit for purpose’ process for data subject rights requests to be channeled and responded to
  • Receive notification of data breaches or near misses at the time of discovery and liaise with Data Security Officer as required
  • Act as point of contact for communication with ICO
  • Stand ready to deliver full evidence of company’s data protection compliance if requested to by ICO
  • Promote and ensure compliance with data protection policies and procedures
  • Receive and review reports on data breaches, near misses and subject rights requests on a regular basis
  • Ensure an adequate programme for training in data protection in place and followed
  • Oversight of data processor compliance log, breach log and subject rights response log
  • Subscribe to and read ICO news and update service
  • Update the company’s board of directors on data protection related issues within the business on a regular basis
  • Refer queries or issues of a technical nature to suitable external advisor/s