Companies Must Have a Data Privacy Officer


Employers in the U.S. that must comply with the European Union (EU) General Data Protection Regulation (GDPR), which takes effect May 25, are struggling with the requirement to appoint a data protection officer. They are also grappling with the GDPR’s notification requirement upon discovery of a qualifying breach.

According to an Association of Corporate Counsel (ACC) Foundation report, The State of Cybersecurity Report: An In-house Perspective 2018, released in May, most (62 percent) of the 617 in-house lawyers surveyed at more than 412 companies in 33 countries are using current staff to function as data protection officers.

Fourteen percent of survey respondents didn’t know how the company was addressing the GDPR requirement to hire a data protection officer. If a data protection officer is someone within an organization, he or she should be an expert on GDPR and data privacy, and the person most likely to have the requisite expertise is a chief privacy officer.

 

Data Protection Officer

The requirement to hire or appoint a data protection officer applies if a business is engaged in large-scale data processing, but there is no real guidance on what that means, according to Philip Yannella, an attorney with Ballard Spahr in Philadelphia. If a business decides it will hire a data protection officer, it needs to decide if:

Eight percent are hiring a data privacy officer, while 5 percent are hiring an outside privacy officer, and 5 percent are using an independent company. A data protection officer can’t be fired because of the decisions he or she makes in that role. That spooks some U.S. companies, which are used to employment at will, he noted.

However, a data protection officer must act independently of the company. Consequently, it’s tricky for an employee to be a chief privacy officer, who is constantly making decisions on behalf of the company, and a data protection officer. While the employer could not fire the chief privacy officer because of what he or she decides as a data protection officer, it could fire him or her for subpar performance in other job responsibilities.

Hiring a data protection officer internally in Europe has its advantages. Someone in Europe is more likely to have a greater familiarity with EU privacy law. In addition, it’s easier for someone in Europe to liaise with privacy regulators, he noted.

Breach Notification

The GDPR will require that notifications of data breaches are made within 72 hours of discovery. This deadline is much shorter than those under U.S. state laws, which typically require breach notification without undue delay or within a reasonable time; 30 days is the quickest period of any state. Florida has a 30-day requirement.

When asked in a survey if respondent companies had determined how they would meet the 72-hour notification requirement, 37 percent said no, while only 34 percent said yes. Large companies were more likely to know how to respond to this requirement than smaller ones.

Companies that are technically covered by GDPR but don’t have many contacts in Europe are struggling the most and aren’t sure why they have to comply, particularly when the law is so broad and its penalties are so onerous. ACC survey respondents said that the primary point of contact for a breach was the:

One in 10 respondents said that the company did not have a single point of contact, and 5 percent didn’t know who that person was. When asked whether they had cybersecurity insurance coverage, only 56 percent of respondents said they did.
