As we approach the first anniversary of the General Data Protection Regulation (GDPR) organisations are evaluating the approaches they have adopted for the provision of the Data Protection Officer role.  By virtue of statute, these roles are independent of management and can be provided for by either an employee, contractor or a service provider.

B2E can help!

Problems

Staffing the DPO role with an employee or contractor typically imposes a number of indirect and hidden costs:

• Sick pay, notice periods, gardening leave, employer NI and pension contributions
• Lack of handover continuity gaps in support, lack of availability while on holiday and on sick leave and lack of right of substitution
• Breadth of skills required rarely found in a single person, liability for mistakes absorbed by the business rather than through supplier insurance

Solution

DPO as a Managed Service addresses these issues. Our core team of former regulators and statutory DPOs from legal, regulatory, operations, engineering and commercial backgrounds provide the hybrid delivery capabilities typically lacking in any single individual.

B2E discharges the DPO mandate at a higher quality and lower cost point than either a single contractor or employee can achieve.

Organisations should also note that the GDPR’s digital sister (e-Privacy Regulation) is some months away from adoption. This regulation places a new set of requirements for CMOs & CTOs in particular and requires a GDPR like transformation exercise. B2E is first to market with a e-Privacy delivery model. This can be delivered independently, or packaged within DPO service model , which will minimise the incremental cost.

B2E Consulting’s Data Protection Officer Managed Service can also be configured to complement any inhouse Privacy Office.

DPO Managed Services

We provide the Managed Service either through secondment of an experienced DPO, or subscription to a service plan at 3 levels:

Bronze: basic mandatory obligations
Silver: bronze plus on-site support
Gold: silver plus effectiveness and efficiency

DPO Managed Services provides:
Competence – far better access to skills and industry leading expertise

Cost / Performance Management – limits an organisation’s obligation to the term of the contract rather than open ended employment contract

Transparency – through service level agreement

Integrity – independent guidance without conflict of interest

Assurance – every client receives a maturity assessment

About the author, Steve Kenny

Steve Kenny is the B2E Consulting Principal leading the Data Protection Service Offering.

Steve has 20 years data protection experience at the highest levels as a former national and supranational privacy regulator. He was European Privacy Head for eBay and PayPal, built KPMG’s European privacy service line, and has held/holds statutory DPO appointments across 6 Data Protection Authorities