• Conduct internal audit to monitor data protection policies
  • Data protection officer should assist organization to conduct an internal audit to monitor and evaluate the overall implementation of their data protection policies and processes.
  • Read More

    General Data Protection Regulation

    Data Protection Officer

  • Establish risk reporting structure
  • Data protection officer should assist the organization to establish an enterprise risk management framework with reporting mechanisms (i.e. regular risk reporting and internal audit) as part of their data protection measures.
  • Read More

    General Data Protection Regulation

    Data Protection Officer

  • Review organization’s data protection policies and practices
  • Data protection officer should review their data protection policies and practices to enable them to identify data protection gaps and the appropriate remedies.
  • Read More

    General Data Protection Regulation

    Data Protection Officer

  • Notify stakeholders on changes to data protection policies and practices
  • Data protection officer should keep stakeholders apprised of the changes to their policies or practices as part of their training and communication plan. An organization’s data protection policies and practices should be accessible.
  • Read More

    General Data Protection Regulation

    Data Protection Officer

  • Manage personal data protection related queries and complaints
  • DPO should develop processes for handling queries or complaints from the public. Under the access and correction obligations of the GDPR, a member of the public may request access to his/her personal data under the organization’s possession or make enquires about the way his/her personal data has been used over the past years.
  • Read More

    General Data Protection Regulation

    Data Protection Officer

  • Monitor the organization’s compliance
  • The data protection officer is tasked with a very onerous and wide-ranging responsibility to deal with and monitor compliance across the ranging to deal with and monitor compliance across the data controller or processor organization.
  • Read More

    General Data Protection Regulation

    Data Protection Officer

  • Keep your employees informed of internal personal data protection processes and policies
  • Conduct a briefing to inform your employees of the obligations under the GDPR. Ensure that they are aware of any new developments, as well as any existing laws and contracts that may affect the personal data under your organization’s care.
  • Read More

    General Data Protection Regulation

    Data Protection Officer

  • Conduct a risk assessment exercise to flag out any potential data protection risks, and put in place data protection policies to mitigate those risks
  • Review data protection risks within your organization and come up with mitigating measures to address these issues. For example, your organization may wish to consider carrying out regular internal audits to ensure that its processes adhere to the data protection laws. In the case of a breach, your organization should also have processes and measures in place to respond to such situations.
  • Read More

    General Data Protection Regulation

    Data Protection Officer

  • Map out organization’s personal data inventory
  • Review your organization’s data management framework and processes to align them with the data protection laws, for example, determining how, when and where your organization collects personal data, the purposes for the data collection, and ensuring that consent has been obtained for the collection, use and disclosure of the data.
  • Read More

    General Data Protection Regulation

    Data Protection Officer

  • Policy, Protocols and Procedures
  • The MeD has essential functions that consist of developing, approving, and updating the general institutional policy, protocols, and procedures. Moreover, the MeD must ensure that adequate implementation of these processes is achieved according to predefined standards.
  • Read More

    Privacy Policies and Procedures

    Medical practice director

  • 1
  • 2
  • 3
  • 4
  • …
  • 17
  • 18
  • 19