Data Protection Officers 2017

June 23, 2017 - Paris



In April 2016, the European Parliament took a significant step towards a Digital Single Market, voting in the new General Data Protection Regulation. Set to take force May 25, 2018, the GDPR mandates the appointment of a Data Protection Officer for organisations “processing a large scale of special categories of data”.


The DPO will be the guardian of your organisation’s data protection culture. As the primary contact for the supervisory authority, the DPO will serve as the cornerstone of accountability for data protection impact assessment, protecting data by design and by default, compliance and data breach notifications.


To meet the new GDPR requirements and avoid significant fines (up to 4% of annual global revenue), an estimated 28,000 DPOs* will need to be hired across Europe and the U.S. How should you navigate the labor shortage to recruit a DPO without stress? What balance of IT, legal and business skills does your DPO need? Reporting directly to the highest management level, should the DPO be integrated to the GC’s team or the CISO’s?


No matter how your organisation is structured, close cooperation with the IT teams will be a key lever to safeguard against the increased cybersecurity threats. Case in point: the hacking of 1 billion Yahoo! accounts, which underscores how critical it is for organisations to develop an arsenal against these types of attacks. Both consumer trust in the digital economy and your reputation are at stake!


For data to be the 21st century’s new oil – and not its new asbestos – the DPO must also carefully assess the risks of sharing data with third-party suppliers. Legal clauses are a first step but your DPO must be capable of deciding whether to pursue additional safeguards, such as vendor audits.


Finally, consider global data transfers. Does Privacy Shield offer sufficient protection for the transfer of EU citizens’ data to the U.S.? How will Brexit impact data flows with the UK?


Less than one year before the GDPR compliance deadline, our international roundtable on June 23, 2017, will convene European top-level DPOs, GCs and CISOs, so that you can best evaluate your compliance program and prepare for the final straight. We look forward to seeing you there!

Contact us:

Development Institute International
164, boulevard Haussmann 75008

+33 1 43 12 85 55

9AM- 6PM

Let's stay connected!