Here is a handy checklist from Luxembourg’s Commission Nationale pour la Protection des Données (CNPD) regarding your Data Protection Officer (DPO) compliance.
- a DPO has been appointed;
- the contact details of DPO are published;
- the the organization has communicated the contact details of its DPO to the CNPD;
- the DPO has sufficient expertise and skills to carry out its role effectively;
- the responsibilities and tasks of the DPO do not give rise to a conflict of interest;
- the DPO has sufficient resources to perform its role effectively;
- the DPO is able to carry out their role with a sufficient degree of autonomy;
- the organization has put measures in place allowing the DPO to be associated with all matters relating to data protection;
- the DPO fulfils their responsibility regarding advising the data controller and employees;
- the DPO exercises adequate control over data processing within the organization; and
- the DPO assists the controller in carrying out impact analysis in the event of possible new data processing.
If you read French, there is more here.