GDPR DPO Outsourcing

Data Protection Officer (DPO) as a service

The General Data Protection Regulation (GDPR) continues to challenge fund boards and their investment managers in the European Union due to its complexity and the consequences of non-compliance.

Waystone provides a range of tailored services to suit the specific needs of your fund and organisation. We will begin with an assessment of in-scope activities and functions and then recommend an appropriate solution that may include the following:

Provision of a Data Protection Officer

A Data Protection Officer (DPO) is a regulatory requirement under GDPR for certain organisations whose core activities include the regular and systematic large-scale monitoring of data subjects, with examples including assessments for fraud prevention and the detection of money laundering.

The key responsibilities of a DPO include:

• informing and advising the organisation of its obligations
• monitoring compliance with the GDPR and an organisation’s own policies
• providing advice on Data Protection Impact Assessments and monitoring performance
• liaising with the supervisory authorities
• acting as a contact point for supervisory authorities and data subjects.

A DPO must have expert knowledge of data protection law and practices. In addition, the DPO should also be independent, which can be difficult if the role is filled internally.

If you have any questions, or would like to discuss your data protection requirements with us further, please  contact us below.