The need for Data Protection Officers (DPOs) and other roles that relate to data protection management has experienced a steady rise over the years. DPEX Centre’s Singapore Data Protection Job Demand Report last 2020 indicated there’s a massive increase of 106% compared to 2019.
Understandably, there’s also an increase in DPO courses that are being offered nowadays. The same thing can be said for PDPA certifications as more demands for dedicated DPOs have been reported since 2021. In addition, a new Credence Data Trust Rating Systems has been introduced in Singapore to evaluate data protection practices.
In the Philippines, a new privacy certification has also been introduced known as the Philippines Privacy Trust Mark (PPTM). PPTM showcases the region’s desire to amplify consumer confidence in the management of personal data for organisations. It also provides certified businesses with a competitive advantage.
Nowadays, there is also an increasing number of professionals that are seeking more privacy training and expertise to pursue more lucrative job opportunities and advance their careers. Singapore and the Philippine authorities continue to encourage certification among data protection professionals and officers.
To help this cause, the Practitioner Certificate in Personal Data Protection course given by Singapore’s Personal Data Protection Commission or PDPC was extended to three days last 2021. It is an exam based certification that’s designed for local DPOs. In the Philippines, they also expanded the DPO ACE (Accountability, Compliance, and Ethics) programme.
Want to Pursue a Career as a DPO? Here’s Your Quick Guide
Singapore’s Personal Data Protection Commission (PDPC) has created a DPO Competency Framework that provides interested individuals a basic description of what a data protection career looks like and the types of competencies required by the job.
- Design Thinking Practice
- Data Protection Management
- Business Risk Management
- Data Sharing
- Data Ethics
- Stakeholder Management
- Data Governance
- Audit and Compliance
Apart from data protection expertise and knowledge, a competent Data Protection Officer needs to also have soft skills like the ability to relate to others. Other skills they need to have include:
- Adaptability: DPOs need to be self-starters and have the ability to monitor the industry. At the same time, they also need to have the required knowledge in dynamic environments.
- Project management skills: DPOs should be able to handle various types of data protection related projects within the organisation.
- Leadership skills: They need to lead the data protection management team. In addition, they also need to achieve the stated objectives and manage various projects.
- Negotiation skills: DPOs need to have the ability to effectively communicate with stakeholders (i.e., the regulators and staff).
- Stakeholder management: DPOs need to ensure that stakeholders are well aware of their roles in ensuring that data is kept secure and safe.
- Communication skills: DPOs need to engage different audiences, from managers to lawyers to IT staff.
In addition, DPOs need to have:
- A clear understanding of the business processes and operations of the organisation as it relates to C-U-D-S (Collection, Use, Disclosure/Transfer, Storage/Disposal) of personal data.
- Knowledge of privacy/data protection laws including outsourcing agreements, technology provisions, and drafting of privacy policies.
- Understanding of attestation audits, auditing, and the mitigation and assessment of risks.
- Negotiation skills to communicate successfully with data protection regulators/authorities.
- Great communication skills to be able to effectively communicate with a wide-range of audiences.
It is also crucial that a DPO has all the resources and tools needed to implement the required controls for the organisation. A trained DPO can also give value to the organisation by providing ways to minimise data breaches and risks and help sustain the organisation’s data protection programme.