Data Protection Officer
What is this?
Certain organisations from May 2018 are now required to appoint a Data Protection Officer (DPO) or have access to a service that provides this function.
As a role/service this is a new profession which will continue to develop over the coming months and years.
Where we provide this service (and because this is a developing profession), we incorporate a practical approach to ensure that staff are correctly supported BUT there is always a high degree of objectivity. The DPO is legally required to make decisions that comply with data protection legislation and that may at times mean they provide a decision or answer that an organisation may not “like”.

Our primary function is to:
- Ensure that an organisation meets its data protection obligations
- Review data sharing activities
- Undertake and review Data Protection Impact Assessments (DPIA)
- Act as the first point of contact for the Information Commissioner
- Act as the first point of contact for data subjects
GRG is a member of NADPO
GRG provides a DPO Service to:
- Exemplar Health Care (all the care homes within the group)
- FDS Consultants
- Fetal Medicine Foundation/Fetal Medicine Center
- Kings Fertility Ltd
- NHS Walsall Clinical Commissioning Group
- The Stoneygate Eye Hospital
We also provide support to other DPO Services as part of our extensive network.