Data privacy profession is a booming career today. There is a high demand coupled with competitive salary for Data Protection Officers (DPO) and other privacy practitioners world-wide because of the emerging importance of and strict regulations on privacy across the globe. That being said, the expectation is huge as regards the job to be performed by a DPO and the skills necessary to accomplish its tasks.
Main function of a DPO
A DPO is a person appointed by the organization to handle data privacy compliance. The DPO must be able to do and implement within the organization programs and activities that will ensure that every specific privacy requirement, rule and regulation is observed and carried out on all data processing activities. The DPO must be abreast of all the developments and updates on data privacy and must see to it that the organization can cope up with it.
The stressful part of a DPO’s function, if I may say, would be handling personal data breaches. This happens when an organization experiences an incident which compromises the availability, integrity or confidentiality of personal data of customers or clients and it needs to report the same to the concerned privacy authority and to affected customers or clients. This incident can cause great and irreparable damage to the name of the organization which can result to the payment of millions of fines and even imprisonment. In such event, a DPO’s career is actually at stake since it is supposed to be his duty to ensure that personal data in the organization are protected and that there are measures implemented to prevent the happening of breaches.
Skill set needed for a DPO
A DPO’s job is fulfilling and fun, but it is most of the time tough and challenging. With that being said, a DPO must be armed with the following skills:
1. Interpersonal and Communication Skills.A DPO must be able to communicate effectively, can present his plans, programs and activities with the top management and is able to build relationship with internal and external stakeholders.
2. Organizational Skills. A DPO must carry out all his duties and responsibilities in an orderly manner, with wisdom and sense of priority and can implement his privacy programs within the organization effectively.
3. Leadership Skills. It is hard for a DPO to do the data privacy compliance of an entire organization all by himself. He needs a team to help him or he may need to coordinate with key personnel for him to effectively perform his function. Thus, he must have leadership skills to delegate tasks, give instructions and provide guidance to others.
4. Business skills. In implementing the privacy programs and policies within the organization, the DPO must also consider the business aspects and his programs must be appropriate and linked with the business operations and standards.
5. Technological Skills. It is settled that our data privacy law does not specify that a DPO must be an IT professional. However, in data privacy compliance, technology always plays a big part. So, if you are a DPO, but you are not an IT expert, you should at least have a grasp of the technologies involved in the processing operations of your organization for you to be able to oversee the same.
6. External Engagement Skills. The DPO of an organization serves as the contact person in dealing with the appropriate privacy authority, customer and other stakeholder. So, the DPO must be able to represent the organization and interact with them in the context of consultation, investigation or enforcement.
These skills are very important for a DPO to effectively carry out his duties and responsibilities. On top of all these skills, it is likewise important for a DPO to be committed with his job and to never stop learning by attending trainings or forums that will help sharpen and advance his skills and knowledge on privacy and data protection practices and updates.
To all the DPOs and privacy practitioners out there, let us continue to uplift this profession and continue to support each other. Salute!
Reference: Ensuring the Effectiveness and Strategic Role of the DPO under the GDPR, CIPL GDPR Project DPO Paper, Nov. 17, 2016, p. 25