By joint resolution of 24/25 November 2010, the German data protection authorities ("DPAs") have set minimum requirements for the competency and independence of company data protection officers ("DPOs"). The initiative follows inspections carried out within companies that revealed a generally insufficient level of competency among DPOs, and of data controllers' organizational framework and resources for data protection compliance, given the increasing complexity of automated processing of personal data and the requirements of the Federal Data Protection Act.
The DPAs emphasize that a DPO's workload and responsibilities depend in particular on the size of the data controller, the number of data controllers supervised by the individual DPO, particularities of industry-specific data processing, and the level of protection required for the types of personal data being processed.
The resolution sets out the following minimum requirements with respect to competency and independence of DPOs, as well as to the data controllers' organizational framework and resources for data protection compliance:
Please see full Alert below for further information.
Firefox recommends the PDF Plugin for Mac OS X for viewing PDF documents in your browser.
We can also show you Legal Updates using the Google Viewer; however, you will need to be logged into Google Docs to view them.
Please choose one of the above to proceed!
LOADING PDF: If there are any problems, click here to download the file.