This article, published by Compliance Junction, outlines and answers a variety of questions surrounding whether small businesses need to appoint a data protection officer to comply with the GDPR.
Do small businesses need to appoint a DPO under GDPR?
Related Stories
DPO Toolkit
Are you a data protection officer? Are you trying to staff your DPO position? This DPO Toolkit has a number of resources that should be instrumental in performing what will be a vital role at many organizations inside and outside of the European Union....
DPO Report Template
This slide deck created by the IAPP research team offers a customizable template for a report to organizational leadership to help Data Protection Officers show the activities of the data protection team as well as record compliance with the General Data Protection Regulation....
Sample DPO Service Agreement
Published: July 2018
Click To View (PDF)
Now that the GDPR is in effect, many organizations need data protection officers. However, not all organizations can or need to staff the DPO role in-house — and the regulation does not require organizations to do so; Article 37(6) allows for the data pro...
How to Provide DPO Contact Information to Your DPA
Last Updated: April 30, 2021
Article 37(7) of the EU General Data Protection Regulation requires that “the controller or the processor shall publish the contact details of the data protection officer and communicate them to the supervisory authority.” But how does one go about communicating this ...
DPO Contract Provisions
Published: April 2018
The following are a minimum set of provisions an outsourced DPO contract should have. It must be emphasized that no contract should be drafted without undergoing legal review, especially as it relates to provisions impacted by local laws. There will also be a set of legal pr...