New FADP: What is the role of the Data Protection Officer (DPO)?
The new DPA, which will come into force on September 1, 2023, does more than just comply with the GDPR. It also positions the DPO at the heart of data protection.
Who should be appointed as my organization’s DPO?
The appointment of a Data Protection Officer (DPO) is mandatory in the case of regular large-scale processing and monitoring. It is also mandatory in the case of public or sensitive data processing.
In other cases, the new FADP does not require the appointment of a DPO, but this function may have some advantages.
Indeed, the DPO must have both legal and technical skills to identify the issues and provide an appropriate solution. To do so, he or she must have knowledge of the organization and its activities as well as sufficient resources and time.
International organizations may choose to appoint a corporate DPO, while SMEs may choose to appoint an external or part-time DPO. Furthermore, the DPO must not have any conflict with internal activities. Therefore, managers may not hold this position.
What are the DPO’s responsibilities under the new FADP?
The DPO is the liaison between the data controllers and their management while remaining independent. Indeed, the data controller has decision-making powers and he is responsible for data protection.
The DPO is responsible for monitoring impact analysis (DPIA). This tool makes it possible to assess the consequences of data processing in accordance with the applicable law. He also plays an advisory role for the company. He is the main contact person for employees, customers and the authorities regarding data protection issues.
Comment piloter la gestion de la conformité de la protection des données personnelles au sein de mon organisation ?
We accompany you, with a clear and efficient approach, in the stages the analysis, consulting, information gathering and implementation stages of the smartcockpit solution through workshops. Be ready for the new FADP and/or GDPR ➡️ Contact us !
We offer a privacy management cockpit specifically designed for the DPO (Data Protection Officer).
It allows you to manage, monitor and ensure compliance by:
- Establishing good governance around data protection
- Keeping a record of processing activities
- Training and raising awareness among its employees
- Aligning its processes to be compliant
- Performing impact analyzes for high-risk activities (DPIA)
- Reviewing contracts, agreements and terms and conditions
- Having a process to manage incidents
- And much more…
