The European Privacy Recruiter's Blog
Following our FAQ document about the appointment of Data Protection Officers (DPOs) under the GDPR and popular analysis blogs, here is a practical Decision Tree which adds some visual dimension to this important requirement. Note that we expressly excluded the obligation for public authorities in this chart and only focused on the applicability of the relevant provisions for private sector organizations.
Perhaps also a few words on the importance of timing. Do not wait until the last minute to hire your new privacy team members! Organizations which plan to recruit new DPOs/Privacy Officers in Europe, whether as a result of the GDPR or not, are recommended to allow adequate time for the entire hiring process: time to approve + time to recruit + time to actual start.
Finding the right privacy talent and in a timely manner is a challenge but it can definitely be planned better!