1.Understand how to comply with information legislation and standards, and apply it to complex cases and appeals where that level of input is required. 2.Ensure all levels of the business understand their roles in relation to GDPR. 3.Keep abreast of legislative changes that impact the business or service.