Fonte: CMS Wire
Shane Edmonds, CTO of etouches, was never unclear about whether he needed to have a Data Protection Officer (DPO) in place to satisfy the EU’s General Data Protection Regulation (GDPR), which is going into effect later this year. It was a no-brainer from his perspective. Half of etouches’ customers are international and 25 percent are based in Europe. Furthermore, as an events and meetings platform, etouches is all about processing and analyzing customer data. “We service enterprise clients that have over 5,000 users so there was little doubt in our mind that we needed to do this,” said Edmonds.
But not all companies have Edmonds’ confidence they are making the right decision about whether they need a DPO. The section about DPOs is a vaguely written component in what is a complex and multi-faceted regulation.
What Is A Data Protection Officer?
The role is a formal one mandated by the GDPR — although not all companies automatically need to have one in place. But if they do, this person is to serve as an independent advocate for the proper treatment of the customer’s information. A DPO is a relatively unusual role that can be best likened to that of an internal regulator or auditor, according to Robin Bloor, Chief Strategy Officer at Algebraix. A DPO may protect the company from violating European regulations but its primary responsibility is to ensure that the company has and operates systems that enable GDPR to be implemented. “The DPO’s responsibility is to ensure that such systems are built, and that people are employed to run them, particularly to respond to customer complaints and queries,” he said.
Clique aqui e leia a matéria completa.