Data Protection Officer

Data Protection Officer


What is this?

Certain organisations from May 2018 are now required to appoint a Data Protection Officer (DPO) or have access to a service that provides this function.

As a role/service this is a new profession which will continue to develop over the coming months and years.

Where we provide this service (and because this is a developing profession), we incorporate a practical approach to ensure that staff are correctly supported BUT there is always a high degree of objectivity.  The DPO is legally required to make decisions that comply with data protection legislation and that may at times mean they provide a decision or answer that an organisation may not “like”.

Our primary function is to:

  • Ensure that an organisation meets its data protection obligations
  • Review data sharing activities
  • Undertake and review Data Protection Impact Assessments (DPIA)
  • Act as the first point of contact for the Information Commissioner
  • Act as the first point of contact for data subjects

We are members of the National Association of Data Protection Officers.

Who do we provide DPO Services to?

GRG provides a DPO Service to:

  • Dudley & Walsall Mental Health Trust
  • Exemplar Health Care (all the care homes within the group)
  • FDS Consultants
  • Fetal Medicine Foundation/Fetal Medicine Center
  • Kings Fertlity Ltd
  • NHS Benchmarking
  • NHS Walsall Clinical Commissioning Group
  • Nottingham CityCare
  • The Stoneygate Eye Hospital

We also provide support to other DPO Services as part of our extensive network.