In May 2018, the General Data Protection Regulation (RGPD) came into force. This European law introduced a series of changes regarding the protection of information and the processing of personal data by institutions and companies.
Among the novelties, one of the most outstanding was the creation of the figure of the Data Protection Officer (DPO). Their presence is even mandatory in certain public and private entities. This fact has contributed to the fact that the demand for these experts has grown exponentially in recent years.
In today’s article we tell you who this professional is, what his main functions are and how to become one.
What is a Data Protection Delegate?
Broadly speaking, it could be said that the Data Protection Officer or DPO is the person in charge of informing and advising on everything related to the RGPD to the organization for which he works (internally or externally) and to its employees , as well how to ensure compliance.
Some of the places where a Data Protection Officer can practice their profession are:
- public organizations
- professional associations
- Educational centers and universities
- Credit financial institutions
- Investment services companies
- Credit and Wealth Assessment Organizations
- Telephone and Internet companies
- Marketers and distributors of energy
- Health centers
- Companies that use personal data for advertising or commercial purposes
- Market research and retail marketing entities
- Private security
Functions of the Data Protection Delegate
- Inform and advise of the obligations in the future to data protection, both to the person responsible for its treatment and to the rest of the employees of the company or institution.
- Supervise the implementation and compliance with the GDPR.
- Review the internal policies of the organization in terms of data management and privacy and adapt them to the execution of the regulations.
- Carry out personal data protection impact assessments.
- Manage the documentation and notification of personal data breaches.
- Help the employees of the organization with any doubts they have regarding the treatment of information or the exercise of their rights.
- Train the personnel involved in data processing operations and their audits and assign them responsibilities.
- Carry out actions or coordinate other types of activities that serve to make the entity’s personnel aware of the importance of complying with the regulations. You might be interested in more articles on our site.
- Collaborate and act as an intermediary with the Spanish Agency for Data Protection (AEPD) and the corresponding regional authorities, making queries and questions about data processing and protection.
According to the job search website Glassdoor, in Spain the average salary of a Data Protection Officer is around 53,000 euros per year .
What is needed to be a DPO in Spain?
As expected, not just anyone can be a Data Protection Officer. To do this, the RGPD (and the Organic Law on Data Protection and guarantee of digital rights, LOPD-GDD) establish the following requirements:
- Be in possession of a university degree that accredits specialized knowledge in Law , such as, for example, the Online Law Degree from the European University (also available in person in Madrid and Valencia ).
- Have professional experience in the field of data protection .
- Have the necessary skills to carry out the tasks that we mentioned in the previous section: professional ethics, knowledge of the business environment, communication skills, languages, handling of new technologies, proactivity, autonomy, etc.
Although it is not mandatory, there are more and more companies and institutions that welcome the fact that the candidate to work with them has a specific certification or training in data protection . This awakens their confidence and gives them security. And there, we can help you, you just have to consult our Master in Online Data Protection . Open the doors of the job market and make your Curriculum Vitae stand out from the rest!