Followers

Friday, 2 December 2016

Where should the new mandatory DPO sit?

Source: iapp.org --- Thursday, December 01, 2016
Privacy works best when the right person is in the right place, at the right time, asking the right questions. That's according to Microsoft CPO Brendon Lynch, CIPP/US, who spoke in Brussels recently alongside IAPP Publications Director Sam Pfeifle and Accenture Senior Director of Data Privacy Florian Thoma, FIP, CIPM, CIPP/E, CIPP/US. Lynch and Thoma were at the IAPP's Data Protection Congress to talk about the role of the mandatory data protection officer. Under Article 37 of the General Data Protection Regulation, public authorities, as well as entities whose core activities involve "regular and systematic monitoring of data subjects on a large scale," or that control or process special categories of personal data, must designate a DPO . Separate and distinct from legal privacy affairs at Microsoft, Lynch sits within the corporate External and Legal Affairs office. He said when he looks at the future role of a DPO, he sees it as relatively similar to his role, but also as part of the privacy office, itself. Thoma said the DPO role at his company is distinctly different from him, but the two work together on projects frequently. "My hope is certainly that it's not this niche independent role, because that has all the potential to be less strategic if you're not involved in decision making and just adjudicating after the fact." -Brendon Lynch, Microsoft The DPO's role, in part, will be to communicate with and be a representative ...



from Microsoft http://ift.tt/2gtE7GI

No comments:

Post a Comment