Data Protection Officer

The role of Data Protection Officer (DPO hereafter) is responsible for ensuring Aegis, its permanent staff and its Representatives adhere to and comply with the Data Protection Act and relevant codes of practice. The DPO will also monitor and check compliance to the act and codes of conduct.

More specifically the Aegis DPO role will have, but is not limited to, the following responsibilities:

• ensure that the Data Protection act is applied to information about living, identifiable people such as job applicants, Aegis Representatives and information regarding living, identifiable people in on-going and completed cases
• ensure that Aegis, its permanent staff and representatives adhere to the eight principles of the Data Protection Act
• be responsible for ensuring that Aegis permanent staff and representatives are have regular refresher courses on the data protection principles and how to apply them
• ensure that all personal information is handled with respect
• ensure that retained personal information is secure, relevant and not retained for any time longer than is necessary for the purpose it was acquired for
• check and monitor that Data Protection Act and codes and practices are being adhered to by Aegis, its permanent staff and Representatives. This may involve investigation and auditing of retained information and computer systems to ensure that the Data Protection Act is being complied with. Such investigations, by their nature, may be intrusive but will be performed with respect to the information being examined and the holders of the information
• provide information to Aegis staff and Representatives to explain that they will be criminally liable for any breaches of the Data Protection Act
• monitor changes to systems and documentation to ensue compliance with the Data Protection Act and codes of practice
• ensure compliance with any Subject Access Request that is received