neděle 22. října 2017

The role of the DPO – And how to find one in a competitive landscape

Opinion GDPR: The role of the DPO – And how to find one in a competitive landscape - By Mike Hughes
Published October 16 2017, 6:30am EDT
Článek najdete na portálu: www.information-management.com
na adrese: http://tinyurl.com/y875lvta
Cituji vybrané části textu:
"GDPR (General Data Protection Regulation) introduces the new role of Data Protection Officer (DPO). While many organizations have had the title of such a role under the existing EU Directive, member states had different interpretations of what this meant. GDPR takes the responsibilities of the DPO to another level."
"To be able to effectively discharge the duties of the DPO, as outlined in Articles 38 and 39 of GDPR, the DPO needs to have a high authority in their organization, have a wide range of experience and be multiskilled, both technically and socially."
So, what makes a good DPO?
"The DPO needs a mix of skills and experience extending from data privacy into information risk management, relationship management, persuasive/negotiating skills, and the ability to operate at the highest levels within an organization."
"The DPO’s initial primary focus will be to get his or her organization ready to be GDPR-compliant by the May 2018 deadline, when GDPR becomes enforceable. "
Cituji závěr článku:
"To sum up, there is massive requirement to recruit DPOs with GDPR experience. As GDPR is only in its implementation phase, these people do not exist in the numbers required. Therefore, organizations need to take a more pragmatic view. Look at existing data protection professionals; can they be developed into the role of the DPO with training and coaching? Look at information risk and information governance professionals; can they be trained in data privacy? For the large corporates, look at the role of Chief Data Officer, and for SMEs, look at buying a managed service."
(This post originally appeared on the ISACA blog.)