Duties and functions of a data privacy officer

69.(1) A data privacy officer shall

(a) inform and advise the data controller or the data processor and the employees who carry out processing of their obligations pursuant to this Act;

(b) monitor compliance with this Act and with the policies of the data controller or data processor in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of staff involved in processing operations, and the related audits;

(c) provide advice where requested as regards the data protection impact assessment and monitor its performance pursuant to section 65;

(d) cooperate with the Commissioner;

(e) act as the contact point for the Commissioner on issues relating to processing, including the prior consultation referred to in section 66, and to consult, where appropriate, with regard to any other matter.

(2) A data privacy officer shall in the performance of his duties and functions under this section have due regard to the risk associated with processing operations, taking into account the nature, scope, context and purposes of processing.