Duties of the Data Protection Ombudsman

• supervising compliance with data protection legislation and other laws concerning the processing of personal data
• promoting awareness of the risks, rules, safeguards, obligations and rights related to the processing of personal data
• carrying out investigations and inspections
• imposing administrative sanctions for violations of the General Data Protection Regulation
• issuing statements on legislative and administrative changes that affect the protection of the rights and freedoms of individuals with regard to the processing of personal data
• issuing statements on offences involving the processing of personal data
• supervising the processing of credit status information and corporate credit ratings
• processing requests for issuing orders with regard to the rights of data subjectsand notifications of other violations related to the processing of personal data
• receiving declarations of Data Protection Officers
• receiving reports of personal data breaches
• drawing up a list of circumstances in which a data protection impact assessment is required
• evaluating prior consultations concerning high-risk data processing
• approving code of practice and standard clauses
• encouraging the adoption of certificates, accrediting certification bodies and revoking issued certificates
• representing Finland in the European Data Protection Board
• cooperating with the EU's other data protection authorities within the scope of the one-stop-shop principle and referring matters to the European Data Protection Board when required.