The office of the Georgian Personal Data Protection Service has appointed Tengiz Mamuliya as the Personal Data Protection Officer. He worked in different wings of the service in several positions.
During his tenure in the data protection office he checked the legality of the service’s personal data processing processes, provided consultations on issues related to data protection, and participated in a number of the service’s activities to raise awareness.
It should be added that the new law “On Personal Data Protection” imposed an obligation on public institutions and a number of private organizations to appoint or define a personal data protection officer.
The new provision of the latest law will come into force on June 1. As per the law the person responsible for the data processing in any organization and who is authorized for the processing must ensure the proper involvement of the personal data protection officer appointed/defined by them in the process of making important decisions regarding data processing. As per the Georgian law:
- The data protection officer must be accountable to the highest level of the governance structure
- The officer must have proper knowledge in the field of data protection
- In case of doing the other functions for the office , there should not be any conflict of interest
At the same time the personal data protection officer appointed/designated by the organization shall ensure:
- Providing consultation and methodical assistance to the organization and its employees on issues related to data protection
- Participation in the development of internal regulations related to data processing, monitoring of the implementation of legislation and internal organizational documents by the organization
- Analysis of statements and complaints received regarding data processing by the organization and issuing relevant recommendations
- Receiving consultations from the Personal Data Protection Service and representing the organization in relation to the Personal Data Protection Service
- Performing other functions as mandated by law to raise the standards of data processing by the organization
