Virtual DPO
Introduction
GDPR requires that the DPO operates independently and without instruction from their employer over the way they carry out their tasks (such as instructions on what result should be achieved, how to investigate a complaint or whether to consult the ICO). Although GDPR allows DPOs to conduct other tasks and duties, organisations must ensure that these do not result in a conflict of interest with their DPO duties.
A Data Protection Officer (DPO) is a person within an organisation who is responsible for:
An organisation must appoint a Data Protection Officer if:
Hiring a virtual DPO has many advantages, the most common being the cost effectiveness:
- Informing and advising the organisation and its employees of their data protection obligations.
- Monitoring the organisation’s compliance with the GDPR and internal data protection policies and procedures.
- Advising on whether a DPIA (Data Protection Impact Assessment) is necessary, how to conduct one and the expected outcomes.
- Serving as the contact point for the Information Commissioner’s Office (ICO) on all data protection issues (including data breach reporting).
- Serving as the contact point for data subjects on privacy matters, including subject access requests (SAR).
An organisation must appoint a Data Protection Officer if:
- It is a public authority or body.
- It’s core activities require large scale, regular and systematic monitoring of individuals
- It’s core activities require processing of special category data or data relating to criminal convictions and offences.
Virtual DPO
A Virtual DPO is a practical and cost-effective solution for organisations that don’t have the expertise and knowledge to fulfil their DPO obligations under the DPA 2018 and GDPR. By outsourcing the tasks and duties usually conducted by a DPO, you get access to expert advice and guidance that satisfies the compliance demands of the GDPR, allowing you to focus on your main business activities.Hiring a virtual DPO has many advantages, the most common being the cost effectiveness:
Benefits
Cost Effective - only pay for the time working with you.
Expertise - have a lot of experience with data protection.
Independent - free of internal politics and conflicts.
Connections - have many connections with vendors and industry professionals.
Services
Jovasi Technology can help your organisation comply with the requirements of GDPR and data protection regulations. Our Virtual DPO service is available in two packages to suit your organisation:DPO Basic
- Free customised policies & forms.
- GDPR compliance certificate.
- Telephone & e-mail support.
- First point of contact for ICO.
- Managing SAR requests (max 6/yr).
- Audit of data processes (2 sources).
From £2,500/yr +VAT
DPO Advanced
- Free customised policies & forms.
- GDPR compliance certificate.
- Telephone & e-mail support.
- Remote support.
- First point of contact for ICO.
- Managing SAR requests (max 36/yr).
- Audit of data processes (5 sources).
From £6,000/yr +VAT
All our Virtual DPOs are CISSP qualified and are certified GDPR assessors through IASME.
Datasheet
Virtual DPO Datasheet (287Kb)Frequently Asked Questions
- Do I need a DPO?Please see the diagram on this page for more information. There are 3 main points to consider: It is a public authority or body, does it's core activities involve processing personal data and does it's activities involve processing special category data.
- How much will I save?Whilst most companies probably use an existing member of staff to conduct the duties of a DPO, a suitably trained person will earn between £30k-£50k a year (not including extras). Our virtual DPO service starts from £2,500 a year - which is a considerable saving.
- What if I require more help?Don't worry - you can pay for additional help on a daily basis (with prices starting from £550 per day).
- Can you provide training?Yes, of course. Our data protection experts have years of training experience. This can be included within the included onsite visit days, or additional days can be purchased from £650 per day.