Guidelines on Data Protection Officers (‘DPOs’) (wp243rev.01)

Categories Blog, Business, Design / Branding, Free Data Protection Resources
Date September 8, 2020

Guidelines on Data Protection Officers (‘DPOs’) (wp243rev.01)

Section 5.8 What are the professional qualities that the DPO should have?

The DPO shall be designated on the basis of professional qualities and, in particular, expert knowledge of data protection law and practices and the ability to fulfil his or her tasks.

The necessary level of expert knowledge should be determined according to the data processing operations carried out and the protection required for the personal data being processed. For example, where a data processing activity is particularly complex, or where a large amount of sensitive data is involved, the DPO may need a higher level of expertise and support.

Relevant skills and expertise include:

expertise in national and European data protection laws and practices including an in-depth understanding of the GDPR
understanding of the processing operations carried out
understanding of information technologies and data security
knowledge of the business sector and the organisation
ability to promote a data protection culture within the organisation

Source: Article 37(5) of the GDPR