Now that you have learned about the key principles of GDPR and data protection, it is time to look at the role and responsibilities of a data protection officer.
Here’s a recap of what you learned in the previous unit.
- There is a strong focus on accountability and compliance under GDPR.
- Schools will need to be able to evidence compliance.
- The use of a single compliance document enables evidence and ease of access.
- Undertaking a self-assessment questionnaire and information audit allows you to create an action plan.
- You were shown how to undertake an information audit to understand the data already stored in the school.
- Privacy notices should be prepared to comply with GDPR.
- You learned the requirements to deal with subject access requests.
Aims and outcomes
- Understand the difference between a data controller and a data processor.
- Consider who can be a data protection officer.
- Learn about the role of the data protection officer.
- Consider options for appointing a data protection officer.
- Plan the next stages for the school.
This final unit examines what is expected of a data protection officer in adhering to the GDPR.
Step 1: Data controller or data processor?
Step 2: Data protection officers?
Step 3: Appointing a data protection officer
Step 4: Moving forward
Step 5: Summary
End of Unit 4 quiz