The role of the DPO according to General Data Protection Regulation (GDPR).

Postgraduate Thesis uoadl:2898175 146 Read counter

Κατεύθυνση Σχεδιασμός και Διοίκηση Υπηρεσιών Υγείας
Library of the School of Health Sciences
Deposit date:
Toka Glykeria
Supervisors info:
Σπυρίδων Βλαχόπουλος, Καθηγητής, Νομική Σχολή, ΕΚΠΑ, Επιβλέπων
Ιωάννης Τούντας, Καθηγητής, Ιατρική Σχολή, ΕΚΠΑ
Μαρία Καντζανού, Επίκουρη Καθηγήτρια, Ιατρική Σχολή, ΕΚΠΑ
Original Title:
Ο ρόλος του DPO σύμφωνα με το Γενικό Κανονισμό Προστασίας Δεδομένων (GDPR)
Translated title:
The role of the DPO according to General Data Protection Regulation (GDPR).
This thesis on the "Role of the DPO in accordance with the General Data Protection Regulation (GDPR)" is an attempt to expose the position of DPO in accordance with the requirements of the new European General Data Protection Regulation. - GDPR. The DPO holds the lead in security required by the GDPR Regulation in any organization that processes or stores personal data on EU citizens, as he is responsible for overseeing a company's data protection strategy and its implementation ensure compliance with its requirements.

In the first chapter of this work, we make a historical overview of the evolution of both International and Union Law, as well as our national law, with regard to legislation on the protection of citizens' personal data. Subsequently, we are referring to the circumstances which led to the need to replace the earlier Directive 95/46/EC by the new Regulation 2016/679, which aimed to enhance the effective protection of the citizens of the European Union by increasing confidence and as well as the security they will feel.
The second chapter presents in detail the new GDPR Regulation, which is a monumental step in the field of personal data regulation, as it affects businesses across the EU and beyond. General Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (GDPR) is an EU regulation for the protection of data and privacy, as well as their transmission, to all citizens of the European Union (EU) and the European Economic Area (EEA).
The third part of our work clarifies and exposes the role of the Data Protection Officer, which is now a mandatory role for all organizations that collect or process personal data of EU citizens. Its role is complex as it serves as a point of contact between organization and supervisory authorities and at the same time responsible for the education and training of staff responsible for the processing of data on compliance requirements. The DPO also conducts regular security audits and makes recommendations to promote compliance with both regulations and best practices. This chapter discusses the procedures for appointing an DPO, the cases in which he is required to be appointed, the possibility of appointing an external DPO, the necessary qualifications he has, the responsibilities he assumes, and the position he holds within business organizations.
Finally, we are assessing and evaluating this new institution, moving further on some thoughts and concerns on the practical application of this role and its possible future development.
Main subject category:
Health Sciences
Personal data, Directive 95/46/EC, General Data Protection Regulation – GDPR, Data Protection Officer – DPO.
Number of index pages:
Contains images:
Number of references:
Number of pages:

Toka Glykeria Master.pdf
1 MB
File access is restricted only to the intranet of UoA.