DATA PROTECTION
GDPR: the Italian Data Protection Authority issues new guidelines for DPO in the public sector.
What is the actual role of the Data Protection Officer in the Public Administration? What qualifications and what kind of professional experience should they possess? When is it incompatible with other positions or can it run into situations of conflict of interest? How should he be supported and involved, and for what tasks?
These and many other questions are answered by the Italian Data Protection Authority in a document addressing the designation, position and duties of the Data Protection Officer (Rpd) in the public sphere.
The need to provide clarification was necessary because, three years after the full application of the EU General Data Protection Regulation, there are still several uncertainties that prevent the definitive affirmation of this important figure, mandatory for the public sector. The DPO is an essential reference for guaranteeing a correct approach to data processing, especially now that public administrations are increasingly stressed by the challenge of "digital transformation".
An experienced and competent DPO, able to carry out their duties with autonomy of judgment and independence, represents in fact, even in the current period of health emergency, a fundamental resource for administrations and a valid point of contact for the Authority. The policy document will be sent to the top management of national and territorial administrations and to the representative organizations of the public sector, so that they can promote its wider dissemination.
In addition to the document addressed to the PA, the talian Data Protection Authority updated the FAQ regarding the private sector. Even in this context, the DPO, while presenting significant differences with respect to the world of public administrations, plays a fundamental role. It is in fact a figure called to perform support, control, consultative and training functions, who must be adequately involved in all activities concerning data protection in the company.
The updated Faqs are also available.
(Source: Web site garanteprivacy.it – Author and Ownership of the contents: Italian Data Protection Authority).
These and many other questions are answered by the Italian Data Protection Authority in a document addressing the designation, position and duties of the Data Protection Officer (Rpd) in the public sphere.
The need to provide clarification was necessary because, three years after the full application of the EU General Data Protection Regulation, there are still several uncertainties that prevent the definitive affirmation of this important figure, mandatory for the public sector. The DPO is an essential reference for guaranteeing a correct approach to data processing, especially now that public administrations are increasingly stressed by the challenge of "digital transformation".
An experienced and competent DPO, able to carry out their duties with autonomy of judgment and independence, represents in fact, even in the current period of health emergency, a fundamental resource for administrations and a valid point of contact for the Authority. The policy document will be sent to the top management of national and territorial administrations and to the representative organizations of the public sector, so that they can promote its wider dissemination.
In addition to the document addressed to the PA, the talian Data Protection Authority updated the FAQ regarding the private sector. Even in this context, the DPO, while presenting significant differences with respect to the world of public administrations, plays a fundamental role. It is in fact a figure called to perform support, control, consultative and training functions, who must be adequately involved in all activities concerning data protection in the company.
The updated Faqs are also available.
(Source: Web site garanteprivacy.it – Author and Ownership of the contents: Italian Data Protection Authority).
