I don’t think there is much doubt that GDPR is complex, confusing, and requires a
level of technical expertise to implement. The number of training courses
available and new GDPR Consultants suggests that there will be a huge
opportunity for well trained professionals to establish themselves as BDOs over
the coming months. However how will SMEs and Micros cope with the demands
of GDPR?
As a text marketing company we are working hard to ensure we are GDPR
complaint and will have our own DPO and compliance processes. We have
recently been asked to act as DPO for a number of our customers. So the
question is – is this viable? Does this meet GDPR compliance requirements?
Article 29 specifically allows multiple organisations to share a DPO; companies
can employ an external DPO as long as there is a service contract; and DPOs have
a high degree of protection under GDPR against breaches by the organisation.
So, if you are a recently qualified GDPR consultant [not going to debate the whole
‘certified’ thing here], then maybe setting up as a virtual DPO is the way to go?
Huge benefit to everyone concerned, small companies get the support they need
without the expense, consultants start to act like GDPR Accountants/Auditors –
everyone’s happy!
Going to book my Accredited Official DPO Certified course immediately!
Good luck all