V&A museum mulls outsourced data-protection officer model ahead of GDPR

Written by Sam Trendall on 18 January 2018 in News

Art-and-design museum claims GDPR audit is well underway as it seeks market input on possible DPO-as-a-service implementation

Pictured here is V&A director Tristram Hunt in one of the museum's exhibition rooms  Credit: Yui Mok/PA Archive/PA Images

London’s Victoria and Albert Museum (V&A) is considering the possibility of using an outsourced data-protection officer service to fulfil its obligations under the EU General Data Protection Regulation.

To comply with GDPR, which comes into effect in the UK on 25 May, all public bodies must nominate a named data-protection officer (DPO). In recent months, some public-sector organisations have looked to recruit such an individual to fill a newly created and dedicated role, while others have reassigned or given additional duties to incumbent staff.

Another option available to public bodies is to outsource such a post to a DPO-as-a-service-style provider. While it is yet to definitively decide on which model it wishes to pursue, the V&A is mulling the use of an outsourced DPO to meet its GDPR obligations.

The museum has issued a competitive contract notice looking for potential suppliers who provide such an offering to get in touch and supply details of the kind of service they could deliver, and at what cost.

Related content

The V&A said that it is “currently in the midst of a detailed data protection audit and GDPR implementation process [and does] not need advice or support on GDPR compliance” more widely.

“The V&A is quite far along in its analysis of the consequences of the GDPR,” the museum added. “An audit is underway and appropriate structures, policies, and procedures will be in place by the May 2018 deadline.”

Located in the London district of South Kensington, the V&A owns a permanent collection of about 2.3 million objects, attracting 3.4 million visitors in the 2016/17 year. It characterises itself as “the world’s leading museum of art and design”. 

In addition to its flagship site, it also runs two other London locations – the Museum of Childhood in Bethnal Green, and an archive and study collection at Blythe House in West Kensington – as well as a storage facility in Salisbury. 


About the author

Sam Trendall is editor of PublicTechnology

Share this page



Add new comment

Related Articles

New cybersecurity regulators to be given power to fine critical services providers £17m
30 January 2018

Organisations offering water, energy, health, or transport services must implement effective preventive measures or face serious consequences


Bursting the bubble – the ethics of political campaigning in an algorithmic age
24 January 2018

The ICO’s investigation into the use of data and analytics in campaigning is likely to prompt the creation of a new code of conduct for political parties, according to information commissioner...

National Archives to digitise 1921 census records
11 January 2018

Agency seeks supplier to facilitate online publication of information gathered through national survey as it nears 100-year cut-off

Treasury Committee to examine digital-currency regulation
22 February 2018

‘It is time Whitehall and Westminster understood cryptocurrency better’, committee member declares following period of extreme fluctuations