Data Protection Officer

The Data Protection Officer will take the lead on all Data Protection matters for the Eurofins Clinical Diagnostics companies in Ireland and the UK. The holder of this role will be responsible for monitoring and ensuring compliance with national and other relevant data protection laws and practices across all business lines. To enable the carrying out of this critical role, the successful candidate will be involved in all issues which relate to the protection and processing of personal data within the business.

Specific Tasks:

• To ensure business lines in scope are compliant with GDPR/DPA and other relevant legislation where applicable.
• To promote a data protection culture within the business lines in scope.
• To act as the primary contact within or outside the organisation about all issues relating to the processing of personal data under relevant legislation. 
• To collaborate with the wider Eurofins Group on data protection matters and act as the Privacy Lead.
• To implement an Information Governance Framework which both ensures and demonstrates compliance with Data Protection legislation and policies.
• To develop, maintain and improve the data protection policies and processes.
• To provide training on data protection to the relevant stakeholders.
• To monitor compliance with the GDPR as well as undertaking systematic data protection audits in accordance with GDPR and Data Protection legislation.
• To manage, coordinate and respond to all data protection and privacy-related queries and requests from third parties (including members of the public and regulatory authorities).
• To manage the data protection risk register, data retention schedules, and all other data protection reference documents aligned to the technical and organisational requirements.
• To provide oversight, control and risk management for any data breaches when they occur.
• To support the business lines in identifying required DPIA has and be responsible for final sign off.
• To establish and maintain a legal basis register and programme including developing clear data flow maps where required and identify data owners.
• To manage and mediate any complaints received from data subjects.
• Other related tasks as assigned by the Authority from time to time.