Data Protection Officers and the new BDSG - still mandatory!

  • Author: Niklas Drexler
  • Last updated: 03.07.2023
  • Category: Data Security

With the introduction of the GDPR, the topic of data protection officers has suddenly become interesting. This is true for external parties as well as for those responsible within the company or for the Data Protection Officer (DPO) himself. The once boring and meticulous role seemed to become more attractive. For consultancies, new fields of activity suddenly emerged. However, the issue is not new.

The deviations from the requirements of the old Federal Data Protection Act (BDSG) are rather manageable. You can read more about the duties of the data protection officer here, and the differences from the old law are explained here. The question of whether to appoint an internal or external DPO is often the subject of intense debate. On the one hand, the costs of an external DPO are undoubtedly higher, at least if the necessary qualification costs are not taken into account. On the other hand, an internal DPO creates dependencies, because he enjoys job protection similar to that of a works council member.

Costs and dependencies need to be carefully considered. The decision may depend on how critical the handling of personal data is perceived within the company. The more seriously the decision-maker takes this issue, the more likely it is that he will opt for experience and competence.
