DPO Handbook: Data Protection Officers Under the GDPR, Second Edition by Thomas Shaw, CIPP/E, CIPP/US, provides a comprehensive view of all aspects of the role of Data Protection Officers (DPOs) under the EU’s new General Data Protection Regulation (GDPR), starting with a look at how organizations determine whether they need a DPO, defining the skills required for the role, and discussing how to source this skillset. The book then describes in detail the various tasks a DPO performs starting from their first day and month on the job and concludes with examples of DPOs performing their role in different types of organizations.
Intended for anyone occupying the role of DPO, whether new or experienced, part-time or full-time, employee or outsourced, lawyer, auditor, IT or compliance specialist, or non-technical manager, this book provides the technical questions to ask for non-technical DPOs, the legal questions to ask for non-lawyer DPOs, and the audit questions to ask for non-auditor DPOs.
If you are a controller or processor trying to determine whether you need a DPO and how to find one, or a DPO trying to understand the many facets of your duties and responsibilities, you will find this an invaluable guide.
This second edition is updated with practical advice on GDPR training for various types of employees, thoughts on using ISO 27001 and the CNIL’s methodology for analyzing an organization’s security profile, guidance from the newly established European Data Protection Board, and much more.