The General Data Protection Regulation set to come into force next May means many organisations will have to appoint a data protection officer.

The qualification requirements set for the officers are very high under the Data Protection Inspectorate guidelines – requiring expert-level knowledge of data protection related legal acts and practices in addition to conversancy with the principles of data security and related technologies. The detailed requirements are provided on the inspectorate’s website, along with information on which organisations are required to appoint a data protection officer.

Grant Thornton Baltic offers the possibility to outsource data protection officer service. Developed in line with the European Union’s Guidelines on Data Protection Officers, the service charges a monthly flat fee that is significantly more cost-effective for companies than recruiting an expert for their own team.

The service includes:

  • Analysis and verification of the conformity of data processing.
  • Mapping various applications and outputs of processing of personal data.
  • Providing information, advisory services and recommendations to the client company.
  • In the event of an incident, primary communication with the Data Protection Inspectorate.

For more information, contact the head of our risk management services division, Urmas Sadu, on +372 626 0500 or via e-mail: