Before May 2018, it was assumed that any organisation was compliant with data protection laws unless non-compliance was identified through evidence or an investigation.
With the current data privacy regulations, it is the responsibility of an organisation to prove that they are compliant with relevant, applicable EU and host nation data privacy law(s).
Under relevant data privacy regulations such as the GDPR or other applicable host nation data privacy laws , regulators can fine companies that do not meet the respective criteria up to 20 million EUR / 17.5 million GBP or 4% of a company's global revenue – whichever is greater (Article 83 para. 5 GDPR).
Article 37 of the GDPR requires that some organisations appoint a DPO (data protection officer) to monitor and assess the company's data compliance. However, many companies are also opting for an outsourced DPO to profit from its benefits.
In this article, we will explain which outsourced DPO services are available and why opting to outsource your DPO can be a real asset for your organisation.