Duties of the Data Protection Officer (governed in the data protection rules of the Med. Uni. Graz)
The Data Protection Officer is bound to observe secrecy or confidentiality in the performance of his duties (Art. 37 para. 4 and 5).
• Contact point for data subjects for the processing of their personal data and the exercise of their rights;
• Monitoring compliance with the GDPR, other European Union or Member State data protection legislation, and the policies of the responsible parties or processors for the protection of personal data, including the allocation of responsibilities, awareness-raising and training of employees involved in the processing operations, and checks thereof;
• Consultation on request - in the context of the data protection impact assessment and monitoring of its implementation as per Art. 35;
• Cooperation with the supervisory authority;
• Acting as a focal point for the supervisory authority in processing-related matters, including prior consultation as per Art. 36, and, if appropriate, advice on all other issues.