Publication date: 29 January 2015
With the upcoming European General Data Protection Regulation, the appointment of a data protection officer will become mandatory for certain businesses and organizations. What are the duties of this officer and what kind of businesses are required to appoint such an officer?
When the European General Data Protection Regulation will become effective, (probably in the course of 2015/2016), the following businesses and organizations must appoint a data protection officer:
The data protection officer – also referred to as privacy officer – is an independent person who monitors the general quality of the data protection policy of an organization. Therefore, while performing his tasks, he cannot receive instructions from you as the employer.
The data protection officer will control whether the processing of data in your company is in accordance with the Data Protection Act. If the data protection officer detects irregularities, he must report them to the person in charge or to the company he was appointed by.
In addition, the data protection officer is allowed to make recommendations. However, these recommendations have an advisory function only. Ultimately, it’s up to the person in charge whether to follow the advice of the data protection officer or not.
Appointing a data protection officer means you will have a “watchdog” within your company. However, appointing a data protection officer has advantages as well. You will have an in-house expert who can quickly provide insight on the right way of data processing. The national data protection agency will act reluctantly if the data protection officer performs his duties properly.
Russell Advocaten will inform you regularly on the most recent developments regarding this General European Data Protection Regulation and its potential consequences for your business. Would you like to know more about the application of the new General Data Protection Regulation, or do you have any other questions on how to organize your company in the context of the new data protection regulation? Please contact:
Jan Dop, LL.M. (firstname.lastname@example.org).
If your employee reports sick, this may raise many difficult questions. What are your reintegration obligations during the sick leave period? What are you allowed to record about your sick employee with regard to the privacy legislation? We answered these and other questions during a webinar. Watch the video!read on
Quality, promptness and personal attention is of paramount importance to us. Read in this newsletter the experiences of five clients. Why do they engage our law firm? What do they think is the strength of Russell Advocaten and, above all, what do they get in return?read on
As an employer, you want to protect your company and company data as much as possible. This can be done, for instance, by granting employees access to the computer, cash register or company premises only by means of their fingerprints. Is that still allowed after the introduction of the GDPR?read on
The use of algorithms carries the promise of objectivity. People assume that algorithm outcomes are “neutral.” This neutrality is, however, an illusion. Algorithms are not as unbiased as we think, and the risk of discrimination looms. Employers should be aware of the limitations of algorithms and have a plan for dealing with them.read on