For organizations that are subject to the EU General Data Protection Regulation (GDPR), appointing a Data Protection Officer (DPO) is often one of the greatest challenges they will face in complying with the law.
On top of GDPR, companies conducting any international business may also need to comply with a host of data privacy regulations from around the world. Many countries outside the U.K. and Europe – including the United States, Canada, and Australia – have data privacy laws that, like the GDPR, require covered entities to appoint someone who must essentially act as a full-time privacy and security officer.
These positions are difficult to fill in-house, even for large companies. In many cases – depending on the applicable law – a DPO’s required duties cannot be performed by a single individual. Kroll has the experience, expertise and resources to help.
In partnership with leading data privacy law firms, we offer DPO consultancy services to help clients become and stay compliant with GDPR and other data privacy laws and regulations.
Kroll’s technical and legal experts can help companies quickly set up and maintain a compliant DPO program. Members of our team not only have decades of experience and expertise in data privacy and security but are also well versed in cyber risk assessments and investigations on a global scale.
Working with our experts allows companies to expand their capabilities in a way that aligns technology and operations decision-making with data privacy standards and best practices while also improving their overall cyber resiliency.
Typical DPO Duties Under Data Privacy Regulations, Including GDPR | Kroll’s DPO Consultancy Support (In partnership with leading data privacy law firms) |
---|---|
For many organizations, the data breach notification requirements in recent data privacy laws may be unknown territory. Kroll is a global leader in breach response and identity theft remediation services. Our experts provide comprehensive solutions – from proactive preparation to crisis management – to help companies comply with the law, preserve resources, and protect their reputations.
Kroll closely tracks the evolution and development of global data privacy regulations so we can continue to expand our capabilities and fulfill the needs of customers across a wide range of industries and jurisdictions.
With offices in 20 countries and more than 30 cities, and experts that speak over 12 languages, our team has extensive, hands-on experience with a wide range of regulations, including GDPR, PCI DSS, CASL, US HIPAA and Hong Kong's DPO Principle 4. Many of our cyber experts bring years of unique experience having served in law enforcement and regulatory agencies around the world:
While regulators across the globe are continually looking to expand data privacy protections, existing requirements already outnumber the individuals who are available and qualified to perform these duties. Fortunately, Kroll’s team of data protection consultants can help companies comply with data privacy regulations and, at the same time, make their entire systems more cyber resilient.
Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.
Kroll’s elite security leaders deliver rapid responses for over 3,200 incidents per year and have the resources and expertise to support the entire incident lifecycle.
Stop cyberattacks. Kroll’s managed detection and response services are powered by an elite team of seasoned cyber risk experts and frontline threat intelligence to deliver unrivaled response.
Kroll’s field-proven cyber security assessment and testing solutions help identify, evaluate and prioritize risks to people, data, operations and technologies worldwide.
Manage cyber risk and information security governance issues with Kroll’s defensible cyber security strategy framework.
Kroll’s data breach notification, call centers and monitoring team brings unique expertise to global incident response to help clients efficiently manage regulatory and reputational needs.