In this episode Jonathan Armstrong and Tom Fox are back to discuss issues relating to data privacy, data protection and GDPR. Today, we consider recent decision by the Belgian Data Protection Authority which imposed a fine of €50,000 ($54,203) on an un-named organization for non-compliance with the GDPR conflict of interest requirement; in the selection of its Data Protection Officer (DPO).  Some of the highlights are:

  1. What were the issues and interests involved in this case?
  2. What are the requirements for a DPO under GDPR?
  3. How and why was the company ‘seriously negligent’?
  4. What are the implications going forward?
  5. What is this decision’s precedential value?
  6. How much expertise, authority and autonomy must a DPO have going forward?

Check out the Cordery Compliance, client alert on this case, click here. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.