ABSTRACT
Chapter 5 outlines the roles and responsibilities of the Data Controller, Data Processor and Data Protection Officer. It provides the reader with information on how to determine whether they are a Controller or Processor, explaining the decisions that Controller and Processors make in relation to data. The role of joint Controllers is also explained, and who has ultimate responsibility for the data is confirmed. The role of Controllers and Processors in the recording of processing activities is outlined and the need for organisations to registering as a Data Controller is confirmed. The chapter also deals with the penalties for non-compliance, adherence to approved codes of conduct and the role of Controllers and Processors in keeping processing secure and reporting Data Breaches. The chapter concludes with an outline of the role of Data Protection Officer (DPO), when you would appoint one, their tasks and the need for the DPO to be impartial.
