An International Association of Privacy Professionals (IAPP) study published last year reported that the EU’s General Data Protection Regulation (GDPR) will create a demand for “at least 75,000” data protection officers (DPOs) worldwide.
The study, which was designed to determine the global reach of the GDPR, found that the US will have the largest demand for DPOs (9,000), followed by China (7,568), Switzerland (3,103), and Russia (3,068).
Despite being an EU regulation, the GDPR will reshape data protection practices for many US companies, as it applies to any organization in the world that processes EU residents’ data. Any organization or public authority in the world that processes EU residents’ data on a large scale must appoint a DPO.
Under the GDPR, the DPO will be responsible for helping organizations achieve and maintain compliance with the Regulation.
Given the Regulation’s stringent requirements – and the significant penalties for organizations found to be in breach of them – DPOs must be appointed on the basis of professional qualifications and qualities. In particular, they must have “expert knowledge of data protection law and practices.”
A much stricter regulation
The GDPR protects and strengthens data subjects’ rights and codifies new ones, such as:
- The right to be forgotten
- The right to object
- The right to bring class actions
- The right to data portability
It also includes a number of rights related to automated decision-making and profiling. For example, unlike the GDPR’s predecessor, the Data Protection Directive, the GDPR allows data subjects to raise objections. If that happens, the data controller must provide justification for continuing to process data or demonstrate that the processing is in line with the data subject’s legal rights.
Become qualified as a DPO under the GDPR
If you’re interested in becoming a DPO, you will need a comprehensive understanding of the GDPR and the practical skills to help organizations achieve compliance. You can begin this process by attending IT Governance’s Certified EU General Data Protection Regulation (GDPR) Practitioner training course.
The course helps you gain the practical knowledge needed to fulfil the DPO role, covering data mapping, data protection impact assessments, the role of data processors and controllers, data breach reporting requirements, how to demonstrate compliance, and much more.
The course supports professional development. Delegates who pass the exam are awarded an ISO 17024-accredited EU GDPR Practitioner qualification, which proves that the delegate has the knowledge and skills to help organizations achieve compliance with the GDPR and take on the responsibilities of a DPO.
People with little or no knowledge of the GDPR are advised to attend our introductory program, the Certified EU General Data Protection Regulation Foundation training course.
Looking to train in data protection for the New York Department of Financial Services’ Cybersecurity Requirements? See our New York DFS Cybersecurity & ISO 27001 Certified ISMS Lead Implementer Online course.