Privacy is een boardroom issue
Data Protection Officer Programme
Accountability is a recurring theme in the new EU data protection and privacy legislation (most notably the General Data Protection Regulation, or GDPR) and will effectively require organisations to elevate the maturity of their internal governance around personal data. It is no longer sufficient to only ‘do the right thing’.
Controllers and processors need to have implemented appropriate technical and organisational measures to ensure accountability and to demonstrate compliance with their data protection obligations.
The appointment of a qualified Data Protection Officer (DPO) is a prudent approach to EU data protection and privacy legislation, and demonstrates a commitment to sustainable compliance with the new legal framework. Furthermore, a sustainable compliance programme can cause a reduction in an organisation’s liability risks.
What skills does a DPO need?
The GDPR lays down specific and highly professional requirements for the role of a DPO.
According to Article 35 paragraph 5 of the GDPR: "... the data protection officer shall be designated on the basis of professional qualities and, in particular, expert knowledge of data protection law and practices".
This means that first and foremost, the DPO must have a professional level of expertise in EU data protection legislation, inclusing the GDPR. The DPO must futhermore commit to keeping their knowledge up to date through ongoing professional development and membership of a professional association. Lastly, networking with other DPO’s can be named as an effective and important way of sharing professional experiences and getting second opinions when needed.
Ensuring compliance with EU data protection legislation means balancing the legitimate interests of the organisation against any risk to the rights of the individual.
To achieve said balance, a DPO should possess the skills and ability to understand the organisation’s data processing operations and data protection needs, and be competent to work well in cooperation with others at all levels and in different organisational cultures.
The Data Protection Officer is a senior level role and as such a DPO must have access to all relevant personnel and a direct reporting line to the highest management level or the Board of Directors.
Click here for an overview of the DPO programme
Duthler Academy’s two-year post-bachelor Data Protection Officer Course provides professionals with a more than solid foundation for the role of Data Protection Officer as described in the GDPR.
Based on the knowledge and expertise of a multidisciplinary team of lawyers, accountants and IT professionals, the course provides: in-depth knowledge of data protection and privacy laws and regulations and a solid understanding of governance and compliance, internal control, administrative management, accounting and auditing.
The programme offers theoretical and practical tools enabling DPO's to establish and maintain an appropriate level of data protection and privacy in their organisation.
Furthermore, Duthler Academy also provides ongoing support and education to successful participants to ensure their knowledge stays up to date and relevant.
Opinion on the data protection officer