What makes a great Data Protection Officer (DPO) under the GDPR?
IT, IS & Digital tech knowledge, business acumen, stakeholder management, neutrality, data protection regulation qualifications and deep knowledge, project management, privacy risk management, operational experience (marketing, supplier management), confidentiality, brand protection, leadership, the ability to challenge, training & teaching skills....
The list goes on.
And frankly, it's taken me years to accumulate these skills. I doubt any routes have been the exactly same, whether from legal, risk, digital tech or operational starting point; what's common is the mix of core skill-sets and a big appetite for continual learning. The DPO role in an organisation (whether mandated by the regulation or whether a company has elected to appoint one) is critical under the GDPR, but really hard and competitive to properly fulfil in house. And it's a competitive market out there.
Layer on to all of those hard and soft skills is the fact that DPOs should be free from conflicts of interest and cannot hold a position that leads them to determine the purposes and the means of the processing of personal data or that otherwise creates a conflict.
This is why using Sympatico as your independent, on demand DPO makes so much sense. All of the skills, neutrality and experience, without the inflexibility and big expense of hiring one. Get in touch with at firstname.lastname@example.org to see how DPO-as-a-service can work for your business, large or small.