a chief privacy officer (CPO)
When acting in this capacity, CyTRAP Labs confirms any course of action that it will take regarding technology, security procedures, baseline measures and metrics with a client beforehand.
The board—under for instance Sarbanes-Oxley, SEC regulations, and the Realignment of the Swiss OR – Art 727 OR: (Art 728a Para 1 Nr. 3 OR) —is responsible for evaluating the effectiveness of privacy programs throughout the enterprise and must assess the risks related to these. Board members and/or the CEO can be subject to prosecution for privacy violations (e.g., Germany).
General purpose
The privacy officer oversees all ongoing activities related to the development, implementation, maintenance of, and adherence to the organization’s policies and procedures covering the privacy of, and access to, personal data (i.e. defined as data that allows one to identify the person with such as birth date, name and old age pension number) in compliance with federal and state laws and the organization’s information privacy practices.
Role of the privacy officer
The first step for an organization when undertaking privacy compliance measures should generally be to allocate a privacy officer. The role of a privacy officer should be to ensure that an organization complies with its privacy obligations and to act as a point of contact, internally and externally, for all issues relating to privacy.
An important part of a privacy officer’s role is to communicate with other organizations, entities and persons in order to keep up to date with changing privacy requirements and to ensure that third parties (such as agents, contractors, suppliers and subsidiaries) comply with their contractual privacy obligations.
Running the privacy function
Important is to understand that these tasks and jobs must be done regardless whether the position is being kept in-house or is being outsourced (see more in running a successful privacy function.
For more information, contact us directly
Pingback: CyTRAP Labs - EU-ReguStand » Blog Archive » 2 outsourcing and gaining benefits - starting out - privacy
Pingback: CyTRAP Labs - mobiles Arbeiten und KMUs » Blog Archive » a 1×1 des betrieblichen Datenschutzes