Now that the GDPR legislation and UK Data Protection Act of 2018 have come into force, there are new requirements that businesses must follow. One such requirement is the employment of a DPO (Data Protection Officer) within organisations. Under the GDPR you must have a DPO if you fall into any of these categories:
Even if you don’t meet these criteria, it may still be helpful to have someone who takes a lead on ensuring your organisation meets compliance with data protection requirements so that you can be confident that personal information is being handled appropriately and that all staff understand their responsibilities in this area.