Andrzej Kaczmarek, PhD

Of counsel,


Dr. A. Kaczmarek’s practice focus is data processing security management and compliance assessment of functionalities of ICT systems used for personal data processing.

Dr Kaczmarek has been active in the academic community since graduating, and until 1997 he was a researcher and lecturer at the Rzeszow University of Technology. He has been the joint architect of numerous research projects on expert systems and artificial intelligence. In 1995−1998, he combined his academic and research work with practice when he joined the Rzeszowski Zakład Energetyczny as head of the programming department. From 1998–2018, he was director of the IT department at the Bureau of the Inspector General for the Protection of Personal Data. In 1999−2018, he served as part of the International Working Group on Data Protection in Telecommunications. From 2004−2007, he was a PSG expert advising ENISA. In 1999–2009, he played an active role in PKN Cybersecurity Technical Committee 182 and the PKN Technical Subcommittee on Information Security Management Systems (ISMS). In 2008−2018, he worked in the Technical Subgroup within the Working Party on the Protection of Individuals with regard to the Processing of Personal Data.

Since 2012, he has been a member of ISACA, an association that deals in a professional capacity with IT system audit, inspection, security, and management issues. From June 2018 until October 2020, he was a data protection officer at the Personal Data Protection Office, and served in the Ministry for Digital Affairs from October 2019.

He holds an ISACA CISA certificate and an Information Security Management System Internal Auditor certificate, certifying knowledge of auditing of IT systems and conducting of internal audits. In 2013−2019, Dr Andrzej Kaczmarek conducted a series of security audits in local government authorities to verify compliance with the Council of Ministers Regulation of 12 April 2012 on the National Interoperability Framework for minimum requirements for public registers and exchange of electronic information, minimum requirements for ICT systems, and personal data protection law compliance.

He lectures in postgraduate courses on personal data protection and protection of confidential information at the Cardinal Wyszyński University, Koźmiński University Warsaw, and Rzeszow University of Information Technology and Management.
He is a graduate of the Wroclaw University of Science and Technology Faculty of Electronics, and was awarded a doctorate by the AGH Faculty of Electrical Engineering, Automatics, Computer Science and Electronics in 1986.

Read more