Data Protection Officer: Job Description

The Data Protection Officer job, better known as DPO, is to protect personal data and information.
The DPO’s main task is to ensure that the use of data collected by the company complies with the regulatory framework.

---

Also read the difference between Big Data and Business Intelligence

---

Data Protection Officer: the job

As of 25 May 2018, following the implementation of the Data Protection Regulation (GDPR), many companies and administrations whose activities give rise to some form of personal data management, as well as public bodies, are obliged to appoint a DPO.

But, what are the main tasks of a Data Protection Officer?

Ensuring compliance with personal data legislation

Any company that collects or uses personal data must comply with the law. Whether that data is used internally (for recruitment purposes, for example); or externally for commercial purposes (for an email campaign, for example).

Finding alternative uses for data that comply with the law

In order for the company to be able to maintain its activities, while respecting the law concerning the collection and processing of personal data, it is important that the DPO be able to propose alternatives and adapted structures.

Ensuring compliance with the law within the company

In order to inform the various entities of the company of the challenges represented by the data protection law and the importance of compliance with it, the Data Protection Officer must be able to raise awareness and train the internal teams on this subject.

Required skills of the Data Protection Officer

Computer literacy and legal knowledge

The DPO must be familiar with the regulations on the protection of personal information, the laws on ICT, and the various methods and techniques for protecting this data. They must also have knowledge of cyber security.

Versatility

The DPO must be versatile in dealing with different subjects, whether legal or IT-related. Furthermore, his/her job is cross-functional within a company as he/she has to work with various and varied entities such as the marketing, sales, and HR departments, etc., as well as externally with the company’s partners and suppliers.

Context

As mentioned before, for more and more companies, it is now becoming necessary to have a DPO.
On the one hand, since the law of 25 May 2018, in companies and administrations where the activity gives rise to any kind of management of personal data, as well as public bodies, it is mandatory to have a DPO.
On the other hand, data has become a crucial element in companies. To ensure its security and legal use, companies are also increasingly calling for a DPO profile.

Salary

The DPO’s salary varies between 600-800€.

Data Protection Officer: Training and Education

To become a DPO there are training courses from BAC+3 to BAC+5. They can be undertaken in engineering schools or in university courses. As the profession is relatively new, training courses are not available everywhere, but here are some examples:

• Paris II Panthéon Assas University Diploma in Data Protection Officer;
• Master of Management in Data Protection from ISEP;
• IESIA Master in Information and System Security;
• DPO/CIL diploma from the University of Franche-Comté.

You can also read : A Complete Guide on Cyberattacks and Cyber Defence 202