The number of vacancies for Data Protection Officers (DPOs) has surged by 709% since the rules of the General Data Protection Regulation (GDPR) were ratified nearly two years ago, according to Indeed.
The jobs site claimed in new figures that the nationwide recruitment drive has attracted the attention of job-seekers, with the number of candidates looking for such roles soaring 297% in the same period.
Appointing a Data Protection Officer is a key requirement of the new EU privacy laws and could result in a fine of up to 2% of global annual turnover or €10m, whichever is higher.
You will be required to appoint a DPO if you are a public authority, your core activities require “large scale, regular and systematic monitoring of individuals” or your core activities include “large scale processing of special categories of data or data relating to criminal convictions and offences.”
DPOs are essential to such organizations, responsible for monitoring internal compliance, advising on impact assessments and data protection obligations, and acting act as a contact point for data subjects and the supervisory authority.
As highly skilled independent experts in data protection, they command a significant salary, currently standing at an average of £47,483 – nearly double the average UK wage of £27,600, according to Indeed.
With the GDPR compliance deadline of May 25 fast-approaching, one company has launched a virtual DPO service designed to help organizations get in line before the cut-off date.
An outsourced team of cybersecurity and risk mitigation lawyers work alongside ThinkMarble’s in-house security analysts and incident responders to offer bespoke GDPR compliance services to firms.
Research from 2017 found that a fifth (22%) of organizations still hadn’t hired a DPO, and that more than half (52%) of these firms weren’t planning to until the second half of 2018 or beyond.
Information commissioner, Elizabeth Denham, claimed last year: “it’s scaremongering to suggest that we’ll be making early examples of organizations for minor infringements or that maximum fines will become the norm.”
However, the regulator is likely to take a dim view of organizations which haven’t taken the basic step of appointing a DPO before the May deadline.