Data protection

Security and compliance through an external data protection officer

Since May 25, 2018, the European General Data Protection Regulation (GDPR) has been directly applicable in the EU member states and has thus largely replaced national data protection laws.

The GDPR has led to companies having to review and improve their data protection measures in order to meet the new requirements and avoid fines.

To ensure that you are optimally positioned in terms of data protection law, we offer comprehensive information and advice on data protection issues. We are also happy to provide you with an external data protection officer.

Data protection - Medical professions - InternWirtschaftsrecht

Why is data protection important?

The protection of personal data is of more importance today than ever before. The BDSG and GDPR require companies to act appropriately to ensure the confidentiality and integrity of their customers’ and employees’ personal information. Data protection violations can not only lead to high fines, but also disturb the trust of your customers and business partners.

The advantages of an external data protection officer

Every company in Germany with 20 or more employees, who are regularly involved in automated data processing, requires an internal or external data protection officer in accordance with the GDPR.

An external data protection officer offers a number of advantages over an internal data protection officer.

Nevertheless, what are the tasks of a data protection officer?

The tasks of a data protection officer

The tasks of the data protection officer include, in particular, advising and informing the person responsible or the processor as well as the employees involved in the processing with regard to the obligations under the GDPR or other data protection regulations.

The data protection officer ensures that the persons responsible comply with their obligations according to GDPR. The data protection officer is not authorized to issue instructions and therefore only advises the management. The company itself is responsible for implementing the proposed measures.

The data protection officer is also the point of contact for all matters relating to data protection for the relevant company as well as for parties concerned who have questions about data processing.

In addition, the data protection officer plays a key role in the development of data protection documentation, such as the development of processing directories or the documentation of technical and organizational measures.

Other tasks include cooperating with the supervisory authorities as well as training and sensitizing employees to the topic of data protection.

My company has fewer than 20 employees: do I still need a data protection officer?

Companies with fewer than 20 employees must also comply with the data protection requirements of the GDPR and the German Federal Data Protection Act (BDSG) and therefore meet the same data protection standards as larger companies.

Therefore, it makes sense for these companies to appoint a qualified data protection officer as well in order to meet the requirements of the GDPR.

Data protection - Medical professions - Sanierung

What are the advantages of an external data protection officer?

The advantages of an external data protection officer are obvious. Thanks to the qualifications they have acquired, they are equipped with the relevant expertise as well as more extensive experience and knowledge in implementing data protection.

Below, we have compared the advantages of an external data protection officer with the advantages of an internal data protection officer.

Advantages of a data protection officer

External Internal
  • Has cross-organizational expertise
  • More extensive experience and knowledge in the implementation of data protection
  • No conflict of interest
  • No protection against dismissal
  • Neutral position
  • Transparent costs
  • Is (in theory) permanently available
  • Usually has more company-specific expertise
  • More direct contact with employees

In addition, when an external data protection officer is appointed, no internal employee has to be released from their other duties.

In our view, the advantages of the external data protection officer clearly outweigh the disadvantages. In addition, the external data protection officer always keeps an overview of all changes and innovations in this complex area.

With an external data protection officer, you can therefore fully concentrate on your core competencies!

Do you have any questions about data protection or are you specifically looking for an external data protection officer?

Then please contact us at any time at datenschutz-kso@ecovis.com.

We keep you up to date on all important topics on our blog.

Experts on this topic

No matching persons found.

You might also be interested in

Further services

Accounting 2.0ArbeitsrechtBank und KapitalmarktrechtChina DeskCompany assessmentCompliance/FibuCompliancemanagementCorporate SuccessionData protectionDatenschutzDatenschutz und IT-RechtDigitalisierungs­beratungDigitization consultingE-CommerceEinkommensteuerEnergiesteuer/StromsteuerEnergiesteuer/StromsteuerFördermittelmanagementFoundation consultationGemeinnützigkeit/ Öffentliche TrägerGewerblicher RechtsschutzGrundsteuerreformHandels- und GesellschaftsrechtHandels- und VertriebsrechtHeilberufeImmobilien­besteuerungImmobilienrechtIndirekte SteuernInsurance lawInternal auditInternational commercial lawInternational posting of employeesInternational tax lawInternationale MitarbeiterentsendungInternationale RechnungslegungInternationales SteuerrechtInternationales WirtschaftsrechtInterne RevisionJahres- und KonzernabschlussprüfungenKonzernrechnungslegunglabor lawLohnbuchhaltungmediaMedical professionsMedienNachhaltigkeitNon-profit status/public sponsorsNon-profit status/public sponsorsOracle NetSuite® OutsourcingOracle NetSuite® Outsourcing EnglishPackaging ActPayroll accountingProcedural documentationProjektmanagementProperty tax reformProzessführungReal estate lawReal estate taxationRechnungswesen 2.0Reorganization and restructuringRisiko- / Compliance-ManagementRisk management / compliance managementSanierung und RestrukturierungSozialversicherungsrechtliche AngelegenheitenStartUps / Venture CapitalStartUps / Venture CapitalSteuerliche OptimierungStiftungsberatungsubsidies managementSustainabilitySustainability AuditorTax optimizationTransfer PricingTransfer PricingUmsatzsteuerUnternehmens­bewertungUnternehmens­nachfolgeUnternehmensberatungVerfahrens­dokumentationVermögensnachfolgeVerpackungsgesetzVersicherungs­rechtWirtschaftsprüfungZoll