DPO’s business will evolve on May 25, 2018 towards the Data Protection Officer (DPO) or in French the “Data Protection Officer”. It is therefore necessary for the current DPOs to be trained in this new European regulation and the new missions they are assigned to it.
The future DPO ensure the proper application, in the body that uses it, of the law “Informatique et Libertés” on the protection of personal data of the European regulation.
He is an employee of an organization whose volume and importance of files to manage justify the use of a DPO full time. It can also be an external stakeholder or in a shared way with the body that employs it.
The first mission of DPO is to enforce the letter and the spirit of the law Informatique et Libertés by the organization which employs it. It ensures the security of the personal data contained in the databases of all departments of the organization and their conditions of use.
It must guarantee the transparency and legality of data processing. These data may concern the staff of the organization, but also its customers and users, and anyone concerned by its field of activity.
DPO informs its manager of any violation of the law and reviews its activity every year. He is the privileged interlocutor of the CNIL (National Commission for Informatics and Liberties).
At the same time, the DPO must also train the staff of the organization in the Data Protection Act. This dual role requires both firmness and diplomacy.