Data Protection Officer

What is this?

Certain organisations from May 2018 are now required to appoint a Data Protection Officer (DPO) or have access to a service that provides this function.

As a role/service this is a new profession which will continue to develop over the coming months and years.

Where we provide this service (and because this is a developing profession), we incorporate a practical approach to ensure that staff are correctly supported BUT there is always a high degree of objectivity.  The DPO is legally required to make decisions that comply with data protection legislation and that may at times mean they provide a decision or answer that an organisation may not “like”.

We acknowledge that changes to data protection legislation may remove the need for this role and we continue to “watch this space” as things evolve.

@01/24, any change may be based on whether there is an election and change of government.

Our primary function is to:

  • Ensure that an organisation meets its data protection obligations
  • Review data sharing activities
  • Undertake and review Data Protection Impact Assessments (DPIA)
  • Act as the first point of contact for the Information Commissioner
  • Act as the first point of contact for data subjects

GRG is a member of NADPO

GRG provides a DPO Service to:

  • Exemplar Health Care (all the care homes within the group)
  • Fetal Medicine Foundation/Fetal Medicine Center
  • Kings Fertility Ltd
  • The Stoneygate Eye Hospital

We also provide support to other DPO Services as part of our extensive network.