One of the most publicized provisions of the European General Data Protection Regulation (“GDPR”) was the requirement that certain companies had to appoint a Data Protection Officer (“DPO”). The concept of a DPO was not new. Germany had for years required that most companies that processed personal data appoint a DPO, but the GDPR dramatically expanded the quantity of companies required to appoint a DPO and brought renewed attention to the role.
Please see full publication below for more information.