Apart from the whole consent fandango, there's the infrastructure security too. If you get hacked, it's basically your fault unless you can show you have done everything possible to avoid it, which basically means bankrupting yourself hiring security consultants to do 'penetration tests' on your websites and networks. And if an external data processor you use can't produce compliancy documentation you're supposed to sack them off as if an alternative is available off the peg to just plug in instead. Who'd want to take DPO responsibility for that lot?
I keep hearing the words "...all reasonable steps" with regards to GDPR. The lawyers will have a ****ing field day with this one, of course.
I am sure it is me who will be expected to be the DPO
I am already pissed off at getting retrospective consent for stuff.
And getting express consent from employees' emergency contacts to have their details stored on our database is like pulling teeth
“Other clubs never came into my thoughts once I knew Arsenal wanted to sign me.”
There is quite a degree of responsibility on the incumbent which is why I got fúcked off with the ongoing assumption that I would do it without even bothering to ask me. The boss mentioned remunerating me for the extra role but I explained I was not a greedy man and declined in a polite but blunt way.
I would be careful about accepting any role on a company level as it goes far beyond your HR issues.
I know. Some **** in another department does something thoughtless and then the finger gets pointed at you.
One of the most poisoned ****ing chalice there has ever been.
We are not massive data handlers but the implications are far still far reaching for us
My only hope is that all of the pre-go live hype has massively overblown everything. Though, I fear this isn't the case.
“Other clubs never came into my thoughts once I knew Arsenal wanted to sign me.”