By Reina Legal
20th December, 2019
The PDPB, 2019 talks about appointing a Data Protection Officer (DPO) in certain cases.
Appointment of DPO
- Every significant data fiduciary shall appoint a data protection officer
- Such officer shall be based in India and shall represent data fiduciary
- Shall possess such qualification and experience as may be specified by regulation
Functions of DPO
- provide information and advice to the data fiduciary on matters relating to fulfilling its obligations under this Act
- monitor personal data processing activities of the data fiduciary to ensure that such processing does not violate the provisions of this Act
- provide advice to the data fiduciary on carrying out the data protection impact assessments and carry out its review
- provide advice to the data fiduciary on the development of internal mechanisms
- provide assistance to and co-operating with the Authority on matters of compliance of the data fiduciary with the provisions under this Act
- act as the point of contact for the data principal for the purpose of grievances redressal
- maintain an inventory of records to be maintained by the data fiduciary
Where the significant data fiduciary contravenes to appoint a data protection officer shall be liable to a penalty which may extend to five crore rupees or two per cent of its total worldwide turnover of the preceding financial year, whichever is higher.