Here is a handy checklist from Luxembourg’s Commission Nationale pour la Protection des Données (CNPD) regarding your Data Protection Officer (DPO) compliance.

Make sure:

  • a DPO has been appointed;
  • the contact details of DPO are published;
  • the the organization has communicated the contact details of its DPO to the CNPD;
  • the DPO has sufficient expertise and skills to carry out its role effectively;
  • the responsibilities and tasks of the DPO do not give rise to a conflict of interest;
  • the DPO has sufficient resources to perform its role effectively;
  • the DPO is able to carry out their role with a sufficient degree of autonomy;
  • the organization has put measures in place allowing the DPO to be associated with all matters relating to data protection;
  • the DPO fulfils their responsibility regarding advising the data controller and employees;
  • the DPO exercises adequate control over data processing within the organization; and
  • the DPO assists the controller in carrying out impact analysis in the event of possible new data processing.

If you read French, there is more here.