The Data Protection Officer
Welcome in the new world of General Data Protection Regulations. The EU is helping all the companies to create security around data protection and privacy. Creating the GDPR has massive influence on how companies operate with data which are in fact all companies. That is something without any secrets. It is also a dossier with a lot of pain points. We have spoken about the impact in different other articles. However one of the topics of great interest is the Data Protection Officer. Companies are unable to execute a sustainable data strategy following the GDPR without the Data Protection Officer. A recent study shows that there are 28.000 positions of Data Protection Officers that has to be filled.
The Tasks of a Data Protection Officer
Do we need a Data Protection Officer?
If your company needs a Data Protections officer depends on some different aspects. Let us explore these factors a little bit further.
You need a Data Protection Officer when your company is a public company or in other words government related. The exception is one pillar of the trias politica namely the judiciary. The are not obliged to appoint one however if they want to they are free to do so.
Your company needs a Data Protection Officer if you are active in data management with regularly and systematically observation. For example because of nature, size or goals as reason for this data management activities
If your company works with personal details from one of the special selected categories. Categories such as race, political ideas, religion, bio metrics, healthcare details, sexual preferences or convictions.
There are some other components as well. But the components above are the most important. Be carefull with details and if necessary consult with legal council.
Where do find a Data Protection Officer
Well the role of a Data Protection Officer is not necessary the same as an employee. Consultants and other specialists can be hired to do the job. However be careful with conflicts of interest when you hire an external party. When we take look at education there is no education mandatory before you can apply to the role. The person you appoint has to be skilled in the are of data privacy and protection. If your company is managing data at a large scale then you probably have to find a Data Protection Officer. However you have until the 25th of may in 2018 to do so.