NIS Representation Services
The DPO Centre provides EU & UK Representative services to qualifying NIS (Network and Information Security) organisations who do not have a head office in the UK or Europe but need to comply with the Network and Information Security Directive (NISD).
Find out how we can help your organisation today.
NIS Representative services required by the NISD
The NIS Directive sets high standards of network and information system security that must be achieved by the organisations for which they are applicable to.
In the UK, the Network Information and Security Directive was transposed into national law via The Network and Information Systems Regulations 2018 (NIS Regulations) prior to Brexit.
Our service provides you with access to established and experienced NIS Representatives in the UK and across all 27 member states within the EU. Representatives from The DPO Centre will liaise where necessary with the relevant authorities in other Member States, and submit reports to the Network and Information Security Cooperation Group regarding security incidents and, where required, the EU Commission.
The DPO Centre provides:
- EU NIS Representation to organisations outside the EEA
- UK NIS Representation to organisations outside the UK
Representation is required in both the UK and the EU if your organisation is not located in either the UK or the EEA.
Who is required to appoint a NIS Representative?
Any organisation that is required to comply with the NISD, as transposed into the relevant national law, will have to appoint an EU or UK NIS Representative if they do not have a head office located within the EU or UK respectively.
Each Member State, plus the UK, is responsible for defining the types of organisations that fall under the Network and Information Security requirements.
In the UK, two types of organisations fall under the NIS Regulations:
- Operators of Essential Services (OES)
- e.g. health, transport, and energy providers
- Relevant Digital Service Providers (RDSPs)
- e.g. search engines, online marketplaces, cloud computing services
To qualify, your organisation must employ more than 50 staff and have annual revenues in excess of €10 million.
If your organisation operates in multiple EU Member States but has no head office within the EU, you only need to appoint one EU NIS Representative, ideally in the Member State in which your main European establishment is located, if you have one.
Why you should choose a NIS Representative from the DPO Centre
The DPO Centre Ltd and The DPO Centre Europe Ltd maintains a large team of experienced data protection specialists with the skills, knowledge, and resources required to undertake your representation requirements in the UK and the EU. Having worked with over 600 organisations across a wide-range of sectors globally, we have developed shared best practices that will help to maintain your organisation’s compliance with NIS and data protection regulations. With a presence in all 27 EU Member States, as well as the UK, the DPO Centre can provide full NIS Representative Services from any Member States to ensure full compliance.
How Does Our Service Work?
During the onboarding phase we will arrange meetings with you to understand your organisation, your business operations and your strategic direction, as well as to set out the key deliverables of the Representation service.
Ensuring Ongoing Compliance
Once onboarded, we will act as your point of contact and liaise with the relevant authorities in other Member States, the NIS Cooperation Group and the CSIRTs Network. We will also submit reports to the NIS Cooperation Group regarding any security incidents that have occurred, and where necessary, to the EU Commission.
Benefits of Our NIS Representative Service
Appointing a Representative is a legal requirement, however there are many benefits of appointing The DPO Centre as your NIS Representative. These include:
NIS Representative Services for Sectors
As one of the largest and most established data protection providers available, we are Subject Matter Experts and can provide you with access to an experienced team of data protection professionals. Whether your organisation is an Operator of Essential Services (OES) or a Relevant Digital Service Providers (RDSP), our broadly experienced team can cater to your organisation’s unique commitments and requirements.
Fill in your details below and we’ll get back to you as soon as possible
Frequently Asked Questions
We’ve compiled a series of FAQs but if you can’t find the answer here please contact us to find out more.
The NIS Directive is a piece of EU cybersecurity legislation that aims to harmonise cybersecurity laws throughout the EU and to enhance cybersecurity practices. As a Directive, the NISD does not have direct effect in member state law. Therefore, each member state has to transpose the Directive into national law by adopting national legislation.
As the NIS Directive came into force before the UK left the EU, the UK transposed the Directive into UK law via the Network and Information Systems Regulations 2018 (NIS Regulations).
A NIS Representative is there to act as a point of contact for your organisation. They will liase with the relevant authorities in other Member States, the NIS Cooperation Group and the CSIRTs Network. They also, where necessary, submit reports to the NIS Cooperation Group regarding any security incidents that have occurred, and, where necessary, to the EU Commission.
The fee to deliver the NIS Representative service varies based on your sector, the number of data subjects you are processing personal data on and the needs of your organisation. Please contact us so that we can discuss your requirements.
Our large team of privacy professionals provide access to a wide range of expertise and experience in network and information security and data protection, we can support your organisation with NIS representation, but also through our consultancy services, advice line, outsourced data protection officers, interim support services and data protection training.
DATA PROTECTION SERVICES FOR SECTORS
“Venatorx is very pleased with the guidance and support that The DPO Centre has provided us to ensure that we meet the legal requirements of GDPR.
We are confident in the knowledge that our staff understand their responsibilities and The DPO Centre’s team is on hand to assist when required.”
PCCTC Contracts Manager
“By having The DPO Centre take responsibility for the role of GDPR representative for the PCCTC we are confident we are meeting the legal requirements of the GDPR.
The DPO Centre’s team are always on hand to answer any queries we may have and to help us respond to any Data Subject Access Requests from any trial member across the EU.”