For the month of May, Sidepart is springing into one of tech’s hottest topics: Data Collection. In an era of digitalization, the possibilities and potential for data are seemingly endless. To stay competitive in the market, businesses must know all the different ways they can use data to boost performance. Today we’ll explore the role of a data protection officer and if your business should be hiring one.
Almost every company has a CEO, CFO and CMO who act as the guardians of key operational building blocks. Where would Google, Telus or Amazon be without a leader, a bookkeeper or a marketing strategy? But, what about data?
As we’ve discussed in previous articles, data is a key ingredient that most companies use to read customers minds and predict the future. Data plays such an important role that you would think companies specifically assign someone to manage and look after it. And many companies do, through hiring CIOs and CTOs. These positions however, often fail to look after the protection of data. As one the world’s hottest assets, data needs to be protected so that it stays valuable and useful. So how about hiring a Data Protection Officer?
What is a DPO?
A Data Protection Officer (DPO) is in charge of leading a company’s data privacy strategy and execution. Often, a DPO’s job includes:
- Strategizing how to make sure operations meet regulations
- Teaching staff about regulations and what the company is doing to meet them
- Assessing performance of data protection methods and adapting when needed
- Training staff who handle and process data
- Answering any questions or concerns from the public about their data
- Building action plans for any data issues that may come up
Do I Need a DPO?
Currently, DPO roles are really only in Europe. This is largely because of GDRP and its rule that any company collecting and keeping data must have a DPO. As a result, DPO roles have been popping up all over Europe in the past year. For those who need a quick refresher on GDRP, it basically is a set of super strict data privacy rules that the EU launched in May 2018.
For right now, Canada has no such DPO rules. As data privacy becomes more of an issue however, it is not a bad idea for companies to begin thinking about adding this leadership position on their own. In an age where data is king, companies now have a social responsibility to make sure they are securely handling collected data. By highlighting the DPO position and taking steps to protect data, companies can build social goodwill with customers. This goodwill can lead to a growing customer base, more sales and a great reputation!
Last year Canada’s Privacy Commissioner hinted that our privacy laws may soon follow in the footsteps of the GDRP. This suggests the DPO role may soon be required in the Canadian business world. Getting a head start on this trend by hiring a DPO sooner rather than later, can help companies add this role smoothly and gain an advantage over those who wait. Depending on what kind and how much data you collect, the DPO does not always have to be an entire job on its own. For right now, many companies can likely get away with giving the key roles of a DPO to other positions in the company.
Need a reminder on current Canadian data privacy regulations? Check out our previous article.
Ultimately, it is up to each company to decide if having a DPO makes sense for them. However, with the growth in data privacy issues it wouldn’t be surprising if a DPO soon becomes a required position.
We’d love to chat! For all things digital reach out to firstname.lastname@example.org
How Europe’s tough new data protection rules affect Canadians, too | CBC Radio. (2018, May 11). Retrieved from https://www.cbc.ca/radio/spark/397-1.4658751/how-europe-s-tough-new-data-protection-rules-affect-canadians-too-1.4658767
Data Protection Officers. (n.d.). Retrieved from https://www.pdpc.gov.sg/Organisations/Data-Protection-Officers
What is a Data Protection Officer (DPO)? Learn About the New Role Required for GDPR Compliance in 2019. (2019, May 15). Retrieved from https://digitalguardian.com/blog/what-data-protection-officer-dpo-learn-about-new-role-required-gdpr-compliance