Outsourced data protection officer

Mazars provides outsourced data protection officer (DPO) services to organisations that do not wish to directly employ a DPO

Under Article 37 of the GDPR certain organisations are mandated to employ a Data Protection Officer. The role as defined is broad in nature and is required to be at a senior level in the organisation. Many organisations find it hard to attract and retain a DPO that meets the criteria and where they are able to do this, can struggle to justify the expense of such a person on a fulltime basis.

Recognising this challenge the GDPR allows for the DPO to be provided by an external service provider. Mazars in Ireland are providing outsourced DPO services. Our multi-disciplinary team members hold GDPR certificates and have capabilities in:

  • GDPR operational processes
  • IT security and cyber security
  • Breach response
  • Regulatory engagement and communication
  • Security by design and data protection impact assessments
  • Internal controls definition and testing
  • Legal interpretation of GDPR
  • Information technology
  • Current privacy legislation, guidance and case law

By outsourcing the DPO service you will:

  • Reduce the cost associated with a DPO
  • Avoid the DPO becoming a key person dependency
  • Have confidence that you can access the full breath of capabilities required of the DPO
  • Quickly access specialised consultants that know your organisation where there is a data breach or other impacting event
  • Benefit from the Mazars GDPR and Privacy Centre of Excellence that tracks regulatory and legal judgements. This enables clients to update policies and processes to maintain compliance
  • Have access to the Mazars DPO toolkit
  • Meet the independence requirements for the DPO role