Data breach reporting: oversight
The ICO (Information Commissioner’s Office) requires you to identify the DPO (data protection officer) or senior person responsible for data protection in your organisation when you report a personal data breach.
Under the EU GDPR (General Data Protection Regulation), certain organisations must appoint a DPO, a role whose position and tasks are defined in Articles 38 and 39 of the Regulation.
Even if you are under no obligation to appoint a DPO, it is often worth assigning responsibility for data protection to an individual, even if you do not call them a DPO.
Many organisations find it challenging to meet their DPO responsibilities, given the breadth of knowledge required, which is why you can also outsource the function to an external DPO. If you have someone who can take on the role, it would be beneficial for them to attend DPO training to give them the practical knowledge required.
Save up to 20% our Breach Essentials Bundles
Minimise your data breach risk and meet your DPO responsibilities with our range of tailored bundles designed to help you at every stage of the data breach readiness cycle – from threat detection and prevention to protection, response and recovery solutions.
Find out more
Discover our range of solutions
We are able to train your DPO, or act as your DPO, depending on your needs.
DPO as a service (GDPR) is a practical and cost-effective solution for organisations that do not have the data protection expertise and knowledge to fulfil their DPO obligations under the GDPR.
Find out more