As a business with 10 or more people involved in data processing, you are legally obliged to have a data protection supervisor. Even if your business has a smaller number of employees and sensitive data processing procedures, a data protection supervisor can be of use.
Apart from the legal obligation, under the influence of the auditing standard of the Institute of Aditors, the data protection compliance has turned the ISW PS 980 into the focus of auditors. Practice, however, shows that the issue of manager liability regarding IT security is significantly increasing.
Therefore, you must fully be prepared for an inspection visit of the responsible supervisory authorities.
You can have an employee as a data protection supervisor. Please note that this employee is not allowed to work on management level, he must have specialist knowledge and must enjoy extra protection against dismissal.
External Data Protection Supervisor
Effective Data Protection for your Company
On the other hand, an alternative is to have an external data protection supervisor. We at PLANIT // LEGAL perform all tasks of the external data supervisor. In this function we make sure you receive appropriate data protection organization.
If this does not yet exist, we will build one up together with you. If you have dealt with an external data protection supervisor in the past, we will work seamlessly together.
If you are interested, we will provide you with an individual offer!
European Data Protection Officer
Data protection requirements are not restricted to national borders. European and International companies should therefore in particular consider affiliates located in other EU- and international jurisdictions for their data protection compliance strategy and adjust their data protection compliance organization accordingly. Implementing a European Data Protection Officer is therefore prudent today and will be a direct legal obligation for many companies under the coming EU Data Privacy Regulation.
PLANIT // LEGAL Lawyes have great experience in advising on national and international data protection law as Data Protection Officers. In cooperation with our international partner firms, we have the know-how for tailoring your European or International data protection compliance organization.
Please be in touch for an offer for being your European Data Protection Officer.
Inventory / Audit
We will check your business for compliance with the data protection regulations in force by performing a thorough and comprehensive inventory. In doing so, we will show you ways to adapt in areas which may need adjustment. This includes an in-depth analysis of the relevant documentation regarding data protection, the IT processes employed by the business under scrutiny and the technical and organisational measures for data protection. Moreover, our inventory includes at least one on-site meeting and a concluding joint review of the results.
In the course of the inventory process we generally identify several measures which have to be implemented in order to ensure compliance of your data processing with the Federal Data Protection Act (BDSG). This may include drafting of the required documentation, conclusion of agreements, instruction and training of your staff, and possibly also adaptation of individual operating procedures. In case of an assignment as External Data Protection Officer, we will assist you energetically and efficiently in dealing with the related tasks at hand.