A recent study published by the International Association of Privacy Professionals (IAPP), which was designed to determine the GDPR’s global reach, has reported that the Regulation will create a demand for “at least” 75,000 data protection officers (DPOs) positions worldwide.
The General Data Protection Regulation (GDPR) will come into force on 25 May 2018 and will supersede the Data Protection Act (DPA), creating a series of requirements and obligations for organisations that collect and process data on European residents.
United States has the largest demand of DPOs under GDPR
The report also suggests that United Kingdom has a requirement of 3,102 DPOs. Moreover, the United States takes the top place on the table with the largest demand of DPOs (9,000), followed by China (7,568) and Switzerland (3,682).
Under the General Data Protection Regulation, DPOs have the responsibility of helping organisations achieve and maintain compliance with the Regulation.
The GDPR protects and strengthens data subjects’ rights, and also introduces/codifies new rights such as the right to be forgotten, the right to object, the right to bring class actions, the right to data portability, and rights related to automated decision making and profiling. For example, while laws passed to meet the requirements of the Data Protection Directive (such as the DPA) allow organisations to process data until the data subject raised an objection and the objection was found to be justified, the GDPR allows data subjects to raise objections and the controller must provide justification for continuing to process data or demonstrate that processing is in line with the data subject’s legal rights.
DPOs must be appointed based on professional qualifications and expert knowledge of data protection law and practices
The GDPR requires that public authorities and organisations that process data on a large scale appoint a data protection officer (DPO). The role of data protection officer must be “independent” within the organisation, and the DPO must be appointed on the basis of professional qualifications and qualities – in particular, “expert knowledge of data protection law and practices”.
The ISO 17024-accredited EU GDPR Practitioner qualification helps people fulfil the role of DPO under the GDPR
People interested in pursuing a career in data protection and filling the role of DPO can get a comprehensive understanding of the GDPR and develop the practical skills to help organisations achieve GDPR compliance by attending IT Governance’s Certified EU General Data Protection Regulation (GDPR) Practitioner training course.
The Certified EU GDPR Practitioner training course provides a comprehensive understanding and practical knowledge of the role of the DPO, setting up a privacy compliance framework, data mapping, data protection impact assessments, the role of data processors and controllers, data breach reporting requirements, demonstrating compliance, and much more.
The course supports professional development. Delegates who pass the exam are awarded an ISO 17024-accredited EU GDPR Practitioner qualification, which proves that the delegate has the knowledge and skills to help organisations achieve compliance with the GDPR and take on the responsibilities of a DPO.
People with little or no knowledge of the GDPR are advised to attend the Certified EU General Data Protection Foundation training course to build a basic understanding of the new Regulation. Delegates can save 15% by booking places on both courses.