Following our FAQ document about the appointment of Data Protection Officers (DPOs),  here is a practical Decision Tree which offers a visual dimension to this important requirement. 

We are where the privacy community is! 

​By attending industry events in Europe and other regions, we make sure that we are able to stay abreast of all the latest developments in the wider privacy and data protection community. We consider this extremely important, as part of the service we provide to organizations is to deliver the latest insights into the privacy employment landscape. 
We were delighted to attend this year's Privacy+ Security Forum on 4-6 October in Washington, DC. 

Privacy is a profession on the rise, and experienced professionals are in high demand in Europe, particularly now with the GDPR's DPO appointment requirement. Consequently, many privacy professionals conclude that this is the perfect time to grab a new career opportunity. In our practice, we speak with talented individuals at all seniority levels every day. All look for something new, something fresh, something better!

Let's continue our analysis on the GDPR's provisions on appointment of Data Protection Officers (DPOs). We will look at the possible contract types for a DPO, the reporting line and positioning within an organization, the duties of the hiring organization and secrecy/confidentiality principles a DPO must be bound with while performing the job.

The new EU Data Protection Regulation now requires that certain private sector organizations must appoint Data Protection Officers (DPOs). This requirement applies to all types of organizations irrespective of their size and whether they are processing personal data in the capacity of a Controller or a Processor. ​​​Is your European business in the scope? Can you appoint an existing employee as a DPO? ​What are the qualities you should seek for? To whom should your DPO report? Take a look at our FAQ paper which addresses major questions raised by businesses.