Data Protection Officer

What is this?

Some organisations from May 2018 have been required to appoint a Data Protection Officer (DPO) or have access to a service that provides this function.

Where we provide this service , we implement a practical approach to ensure that staff are correctly supported BUT there is always a high degree of objectivity.  The DPO is legally required to make decisions that comply with data protection legislation and that may at times mean they provide a decision or answer that an organisation may not “like”.

We acknowledge that changes to data protection legislation may remove the need for this role and we continue to “watch this space” as things evolve.

@01/24, any changes may be based on whether there is an election and change of government.

Our primary function is to:

  • Ensure that an organisation meets its data protection obligations
  • Review data sharing activities
  • Undertake and review Data Protection Impact Assessments (DPIA)
  • Act as the first point of contact for the Information Commissioner
  • Act as the first point of contact for data subjects

GRG is a member of NADPO

GRG provides a DPO Service to:

  • Exemplar Health Care (all the care homes within the group)
  • Fetal Medicine Foundation/Fetal Medicine Center
  • Kings Fertility Ltd
  • The Stoneygate Eye Hospital
  • NHS organisations

We also provide support to other DPO Services as part of our extensive network.