Professional activity

 
 

The objective of the training of the Data Protection Officer

is to provide him/her with specialized knowledge of data protection law and practice, even if he/she does not have a degree in law.

Consequently, the necessary knowledge, abilities or skills that the person to be certified must know or possess in order to carry out each of the functions of the position of Data Protection Officer have been identified.

 
 

DPD training should provide the necessary knowledge to be able to:

 
Grupo 30
Collect information to determine treatment activities.
Grupo 29
Analyze and check compliance of processing activities.
Grupo 28
Inform, advise and issue recommendations to the controller or processor.
Grupo 25
Collect information to monitor the recording of processing operations.
Grupo 26
Advise on the application of the principle of data protection by design and by default.
Grupo 27
Advise on:

  • Whether or not to conduct a data protection impact assessment.
  • What methodology should be followed when conducting a data protection impact assessment.
  • Whether to carry out the data protection impact assessment in-house or outsourced.
  • What safeguards (including technical and organizational measures) to implement to mitigate any risk to the rights and interests of data subjects.
  • Whether or not the data protection impact assessment has been carried out correctly and whether its conclusions (whether or not to proceed with the processing and what safeguards to apply) are in compliance with the Regulation

Grupo 24
Prioritize your activities and focus your efforts on those issues that present the greatest data protection risks.
Grupo 22
Advise on which in-house training activities to provide to staff and managers responsible for data processing activities and to which processing operations to devote more time and resources:

  • What methodology to follow when conducting a data protection impact assessment.
  • Which areas should be subject to internal or external data protection audit.
  • What internal training activities to provide to staff or managers responsible for processing activities.
  • Which data and which processing operations to devote more time and resources to.

Grupo 23
Intervene in case of complaints to the data protection authorities.
 

Important


All pre-requisites and requirements established by ANF AC, corresponds to what is established by the DPO-AEPD Scheme.