An Enterprise Leader in the Delivery of Strategic Technology Solutions

Preparing for the GDPR: Selecting a DPO


With the start of the General Data Protection Regulation (GDPR) on May 25, 2018, we are about to see a major shortage of cybersecurity professionals around the globe. By 2022, experts are expecting a shortfall of over 350,000 cyber workers in Europe alone. We can expect, by default, a major shortage of workers on our shores as well. One main reason for this is the GDPR stipulation that a company MUST hire a Data Protection Officer (DPO) if they:


·        are a public authority (except for courts acting in their judicial capacity)
·        perform core activities that require large-scale, regular, and systematic monitoring of individuals (for example, online behavior tracking)
·        perform core activities that consist of large-scale processing of special categories of data, or data relating to criminal convictions and offenses

Though the appointment of a DPO is mainly for the European nations, there are companies across the globe hiring for the position as a strategy to keep themselves at the top of the cybersecurity and compliance game. Thus, we are already seeing companies who are not strictly required to hire a DPO, appointing one to their staff.

Whether your company is required to hire a designated DPO or not, be aware that the same requirements and tasks of the position apply, just as they would if the appointment were mandatory.

So what does a DPO do?

·        They assist you in monitoring internal compliance
·        They inform and advise on data protection obligations
·        They provide advice regarding Data Protection Impact Assessments (DPIAs)
·        They act as a contact point for data subjects and the supervisory authority
·        They help you demonstrate compliance
·        They are part of the enhanced focus on accountability


What professional qualities should a DPO have?

·        You should appoint a DPO on the basis of their professional qualities, and in particular, experience and expert knowledge of data protection law.
·        Their credentials should be proportionate to the type of processing your organization carries out, taking into consideration the level of protection the personal data requires.
·        It would be an advantage for your DPO to also have a good knowledge of your industry or sector, as well as your data protection needs and processing activities.

No matter where in the world your company might be located, knowing at least the basics of the GDPR can keep you and your company out of hot water. For more information on performing a full risk assessment on your organization, or to speak with Crossroads Technologies, Advisory Services Division, contact us at 1 (800) 548-3893 or engageThis email address is being protected from spambots. You need JavaScript enabled to view it..

 

Articles You Might Find Interesting:
Are you Ready for the GDPR to Go into Effect? 
5 Things Every CEO Should Know About the GDPR
Blockchain Technology: Explained-Video
Windows 7 is Shutting Down: Why It's a Good Thing for Healthcare

Share this article:

Older Posts

Archive