All in all it must be said that the GDPR is good news for every consumer and all those affected by data processing. This is due to the fact that they are protected by the GDPR. In addition, GDPR regulations also affect the rights of employees.
These rules are relevant for all companies with employees. This then means that numerous companies will be doubly affected, as it concerns the privacy of employees (employment data protection), as well as those of customers, suppliers, and website visitors.
Of course, the GDPR is of particular relevance for those employed as data protection officers. The new regulations will considerably increase the number of these throughout the continent. In the future, all public authorities and all companies, whose core activity relates to the handling of personal data, will have to appoint a company-wide data protection officer. Even if a business' core activity is not related to data processing, if it is the case that at least ten people are constantly engaged in the automated processing of personal data on the premises, then a data protection officer must be appointed. This will most likely be the case for many medium-sized companies. Companies affected by this scheme must have taken the appropriate measures already.
Even for data protection officers who are already employed by a company, the GDPR represents a major change. This is because their role in the company is fundamentally changing. If it is the case that the data protection officer has been working towards data protection conformity, in the future he or she will be responsible for monitoring the implemented measures. This increases their range of responsibility and subsequently increases their potential for liability.
Overall, the new regulations mean quite an increase in work for data protection officers. They have to familiarize themselves in detail with the new legal situation. However, the new laws also have positive aspects for them. Without a doubt their expertise will be in great demand and, as well as this, their position in the company will be enhanced due to the increasing number of tasks. Article 39 of the GDPR actually makes reference to the tasks of a data protection officer. Some of these include informing and advising in relation to the GDPR as well as other data laws, monitoring GDPR compliance, advising on the impact of the regulations, and also being available for any enquiries.
The following is a summary of the General Data Protection Regulations, focusing particularly on the innovations for website operators and companies.