Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Edge Ask The Experts

04:15 PM
Tony Anscombe
Tony Anscombe
Ask the Experts
Connect Directly

What Should I Look for in a Data Protection Officer?

The right candidate will possess the following skills.

Question: I need to hire a data protection officer. What should I be looking for in a potential hire?

Tony Anscombe, global security evangelist and industry partnerships ambassador, Eset: The EU's General Data Protection Regulation (GDPR) requires companies to appoint a data protection officer (DPO). While not a requirement by all legislation, having a person responsible for data protection in an organization does bring ownership and authority to this important task.

What skills should you look for when recruiting a DPO? First, the person must understand the relevant legislation and what constitutes personal information so they can identify where data is being held and ask the crucial questions of why it was collected and whether it still required.

Record-keeping (of audits, risk assessments, data access, monitoring, etc.) requires pragmatism – a key trait in a DPO. Yet this person must strike a balance between a pragmatic approach and also holding authority within the business, as the DPO role is also customer-facing. When consumers request copies or deletion of their data, the right processes need to be in place to deliver or delete as necessary.

Adding to these essential skills is the ability to educate employees on the correct methods for data processing and to educate the business on the reasons to comply. Last, an understanding is necessary of what technology is needed or available to protect the data.

In summary, look for a DPO who is a strong communicator and an independent worker, with legal knowledge and technical background, who can carry credibility and authority within the business.


Tony Anscombe is the Global Security Evangelist for ESET. With over 20 years of security industry experience, Anscombe is an established author, blogger, and speaker on the current threat landscape, security technologies, and products, data protection, privacy and trust, and ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Threaded  |  Newest First  |  Oldest First
Cartoon Caption Winner: Be Careful Who You Trust
Flash Poll