2018 will see Data Protection Officers become mandatory for many organizations that plan to do business in Europe. So, what is driving this demand and what makes the perfect candidate?
In just a few short months, businesses from all over the globe will start feeling the effects (if they haven’t already by now) of the European General Data Protection Regulation (GDPR). The regulation requires that businesses dealing with personal data of European citizens will need to beef up data protection and be able to demonstrate compliance. Another key factor of the regulation is the appointment of a Data Protection Officer (DPO). According to the Information Commissioner’s Office (ICO), under the GDPR, you must appoint a DPO if you:
- are a public authority (except for courts acting in their judicial capacity);
- carry out large scale systematic monitoring of individuals (for example, online behavior tracking); or
- carry out large scale processing of special categories of data or data relating to criminal convictions and offenses.
This stipulation has meant that the UK’s biggest jobs website, Indeed, has seen an increase of over 700% in demand for the role over the past 18 months. GDPR mandates that DPO candidates will be especially important for data heavy industries, namely digital marketing, financial, healthcare and retail. The main responsibilities include: assisting their companies on data audits in order to comply with privacy laws, training employees on data privacy and serving as the main point of contact for European regulators. Additional functions according to the regulation could require that the DPO facilitates companies in making personal information available to customers on request, or deleting it upon request, and reporting any data breaches to local authorities and data subjects.
For organizations that require a DPO, it is possible to hire from within the company to fill the position as long as there is no conflict of interest with the individual’s other role in the company. Though, preference would ideally be given to those who have similar data management role experience. Because training and advocacy are also key elements of the job, someone with good communications skills should also be on the DPO candidate checklist.
Another useful trait for a DPO would be to stay up to date and clued in on the latest technology that will help make their lives easier when it comes to the protection and management of personal data.
Currently, there are no specific credentials that are mandatory for DPO candidates, but we expect that will change as the position evolves. For now, the DPO is the hot job of 2018.