JISCMail - DATA-PROTECTION Archives

Interesting!

My reading is that the DPO must report to the highest decision making
authority in the organisation (CEO, Board of Trustees, whatever). I
understand that the Germans wanted the DPO to be able to report to the CEO
in order to ensure that s/he could not deny knowledge of any problems and
could be fully accountable.

This does not mean that the DPO is line managed by the CEO. The DPO can be
matrix managed where for most elements they have whatever line manager they
have, but when it comes to access to the CEO there must be no intermediary
so that there is total access allowing total accountability.

A typical configuration in some organisations is that IG managers are not
line managed by the SIRO but they have a relationship where there is a
monthly or fortnightly meeting and the IG manager acts on the delegated
authority of the SIRO. The IG Manager does not need to go through a chain
to reach the SIRO. This is similar, but the authority is higher (assuming
your CEO is not your SIRO).

Bilal Ghafoor
Information Governance Consultant

Bilal Ghafoor
@foikid
07926113401

On 12 January 2017 at 11:33, Dan Palmer-Dunk <[log in to unmask]>
wrote:

> Thank you all for your responses,
>
>
>
> I tend to agree that the GDPR will require the appointed DPO to report to
> an executive member as their line manager, although it seems as though
> differences in organisational structures mean this will have different
> implications (some will need no change, others might require a new role,
> which I think we will).
>
>
>
> I also think that (at least for now) I will suggest SARs being handled by
> the DPO – although we don’t have a large team dealing with info governance
> here.
>
>
>
> The guidance from the A29WP released before Christmas could have been a
> bit clearer!
>
>
>
> Thanks again,
>
>
>
>
>
>
>
> *Dan Palmer-Dunk*
>
> Information Compliance Officer
>
> University of Hull
>
>
> ------------------------------
>
> All archives of messages are stored permanently and are available to the
> world wide web community at large at http://www.jiscmail.ac.uk/
> lists/data-protection.html
>
> Selected commands (the command has been filled in below in the body of the
> email if you are receiving emails in HTML format):
>
>    - Leaving this list: send *leave data-protection* to
>    [log in to unmask]
>    <[log in to unmask]&BODY=LEAVE+data-protection>
>    - Suspending emails from all JISCMail lists: send *SET * NOMAIL* to
>    [log in to unmask] <[log in to unmask]&BODY=SET+*+NOMAIL>
>    - To receive emails from this list in text format: send *SET
>    data-protection NOHTML* to [log in to unmask]
>    <[log in to unmask]&BODY=SET+data-protection+NOHTML>
>    - To receive emails from this list in HTML format: send *SET
>    data-protection HTML* to [log in to unmask]
>    <[log in to unmask]&BODY=SET+data-protection+HTML>
>
> All user commands can be found at http://www.jiscmail.ac.uk/
> help/commandref.htm and are sent in the *body* of an otherwise blank
> email to [log in to unmask]
>
> Any queries about sending or receiving messages please send to the list
> owner [log in to unmask]
> <[log in to unmask]>
>
> (Please send all commands to [log in to unmask]
> <[log in to unmask]> not the list or the moderators, and all
> requests for technical help to [log in to unmask], the general
> office helpline)
> ------------------------------
>
> **************************************************
> To view the terms under which this email is
> distributed, please go to
> http://www2.hull.ac.uk/legal/disclaimer.aspx
> **************************************************
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>      All archives of messages are stored permanently and are
>       available to the world wide web community at large at
>       http://www.jiscmail.ac.uk/lists/data-protection.html
>      If you wish to leave this list please send the command
>        leave data-protection to [log in to unmask]
> All user commands can be found at http://www.jiscmail.ac.uk/
> help/commandref.htm
>  Any queries about sending or receiving messages please send to the list
> owner
>               [log in to unmask]
>   Full help Desk - please email [log in to unmask] describing your
> needs
>         To receive these emails in HTML format send the command:
>          SET data-protection HTML to [log in to unmask]
>    (all commands go to [log in to unmask] not the list please)
>     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
>
>

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
     If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
 Any queries about sending or receiving messages please send to the list owner
              [log in to unmask]
  Full help Desk - please email [log in to unmask] describing your needs
        To receive these emails in HTML format send the command:
         SET data-protection HTML to [log in to unmask]
   (all commands go to [log in to unmask] not the list please)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^