Is appointing a data protection officer mandatory?
All businesses, even sole proprietorships, are required to appoint a Data Protection Officer (DPO) who is in charge of making sure the company complies with the PDPA.
Additionally, organizations must make sure that at least one DPO's business contact information is made public. The company's general phone number or email address could be listed as the business contact information.
The DPO may be an individual whose main area of responsibility is data protection or a member of the organisation who includes it among his many duties. To be clear, notwithstanding the hiring of the data protection officer, the organisation is still responsible for ensuring that it complies with the PDPA.
Additionally, organizations must make sure that at least one DPO's business contact information is made public. The company's general phone number or email address could be listed as the business contact information.
The DPO may be an individual whose main area of responsibility is data protection or a member of the organisation who includes it among his many duties. To be clear, notwithstanding the hiring of the data protection officer, the organisation is still responsible for ensuring that it complies with the PDPA.
Updated on: 15/05/2024
Thank you!