Close Close
Poll
What is the most important factor you consider when selecting a used car sales portal? Please leave a comment
View the poll
Automotive Events
AM Online

Do you need to hire a data protection officer ahead of GDPR?

Geldards solicitors will explain if a company needs to hire a data protection officer at AM’s forthcoming GDPR conference.

Whether a company requires a data protection officer or DPO under the GDPR is governed by the regulations, but maybe open to interpretation.

Dealer groups may wish to consider the appointment of a DPO from an external provider or extend the remit of a current employee, according to the pair.

Whilst the regulations specify that a DPO is necessary if a company processes data requiring ‘regular and systematic monitoring of data on a large scale as part of its core activities’.

Exactly what is meant by this is vague, Thring and Mills will tell delegates at the conference which takes place at Milton Keynes’ Hilton Doubletree on February 22.

Mills said: “It is key for dealerships to carry out a full data audit to see if they fall within the requirements to appoint a DPO.

Whilst there are a number of exemptions, these cannot necessarily be relied upon.

“It is important to bear in mind that the GDPR does not define what a breach or a risk is. This decision will be left to the DPO but it is worth noting a breach could include an accidental loss of data.”

Thring said: “Eventually, we think most organisations will either appoint a DPO or someone to fulfil a compliance role within the dealership. This person will manage staff training and awareness and ultimately, assist in maintaining data protection compliance.”

The session from the Geldards solicitors will incorporate practical ‘what if…’ scenarios and how the DPO should respond.

For example, the practical consequences should an employee leave a company mobile on the train including who the employee needs to report the loss to, and what the DPO should do.

Other incidents include sending or deleting an email by mistake or if a used vehicle is sold but details such as the home address have not been wiped from the satnav.

Other experts speaking at AM’s GDPR conference will tackle marketing and cyber security in more depth.

The event has been designed to provide dealers with a means to benchmark their own practices against the views of the experts.

Dealers can book their place online 



If you are not a registered user your comment will go to AM for approval before publishing. To avoid this requirement please login.

Comment as guest


Login  /  Register

Comments

No comments have been made yet.