Each EU institution, body, office or agency (EUI) is required to designate a Data Protection Officer (DPO). The role of DPOs has become increasingly important, since their introduction to EUIs over 20 years ago, especially since the adoption of Regulation (EC) 2018/1725. With their data protection expertise, combined with knowledge of their EU institution and its activities, DPOs are able to provide independent, tailored advice and measures on data protection matters, whilst meeting the needs of their organisation.
The valuable role of DPOs in EUIs has been strengthened by the establishment of a DPO network. This network, which meets at regular intervals, has proved helpful in producing advice and exchanging views on common issues or problems.
One of the EDPS’ main tasks is to monitor the processing of personal data by EUIs. This notably implies providing support within the institutional framework to the work and role of the DPO.
The EDPS position paper on the role of the Data Protection Officer aims at providing guidance for DPOs on their critical role, functions and tasks, as the cornerstone of the EUI.
The older Professional Standards for Data Protection Officers issued by the DPO network also provides useful tips and best practices for the DPOs of the EUIs.
The EDPS website includes other useful resources for DPOs, notably under the section on our role as a supervisor: Guidelines on thematic fields, Supervisory Opinions, Transfer authorisations, audits, complaints, investigations, etc.
As part of our collaboration with DPOs, two EDPS-DPOs meetings are held each year with the DPO network. The objectives of these meetings are to take stock of the work done in the data protection field, and to approach challenges that have or may arise in a solution-focused way to achieve compliance with data protection law, and therefore protect individuals’ data. We can then provide support accordingly.
The EDPS provides different types of training opportunities to support DPOs in their tasks.
We offer individual training sessions to newly appointed DPOs. We also organise training sessions for EUI staff on the practical application of Regulation 2018/1725, as well as on specific themes upon request from DPOs. Furthermore, we have designed a Fast-track training course on data protection, available on EU learn, which we encourage DPOs to promote in their EUIs. A selection of recorded online talks covering a broad range of more specific topics is also available on EU Learn.
Our staff also provide first-line verbal advice to the EUIs DPOs.
For any additional information on the EDPS supervisory activities, you can send an email to: supervision@edps.europa.eu