Data protection officer

The Data Protection Act allows companies to self-regulate. Those that appoint a data protection officer and notify the FDPIC that they have done so will be subject to fewer data protection impact assessment requirements. The role of the data protection officer and the person chosen to exercise that role must nevertheless fulfil certain criteria. They monitor a company’s compliance with data protection requirements and provide the data controller with advice on data protection matters.