New EU data protection rules to affect UK
Research conducted by the strategic partner for the Henley Data Protection Officer (DPO) Programme, GO DPO,, estimates that around 7,000 large companies (employing in excess of 250 employees) will need to recruit and train at least one DPO each over the next 24 months.
Between now and when the EU General Data Protection Regulation (GDPR) comes into force on 25th May 2018, that equates to having to train around 14 DPOs every single working day.
Darren Verrian, CEO, GO DPO explains: “This headline figure of 7,000 DPOs isn’t a wild exaggeration and if anything is an underestimate of the actual requirement as many banks and insurance companies employ more than one senior manager to fulfil the requirements of a DPO whose role can involve handling millions of customer and client accounts.
“Our conservative calculations are based on figures published by the BIS at the end of last year and exclude 33,000 medium-sized companies that employ 50-249 employees, many of which will also need to appoint a DPO.
“Not all companies will want to employ an in-house DPO but will opt for a third party provided DPO managed service. However, these independent contractors will also need to be trained.”
As a result of demand, particularly from the financial services sector, for senior manager training for those to be appointed as a DPO, Henley Business School has just launched its own Executive Education DPO Programme and expects to have a significant number of enrolments over the next six months.
“What the underlying figures for the recruitment and training of a DPO conceal is the vast amount of changes to data processing policies, processes and procedures that must be undertaken as a matter of urgency in order to protect business continuity in the face of one of the biggest shake-ups in data protection for over two decades,” adds Mike Davis, Head of Open Programmes at Henley Business School.
“Our DPO Programme isn’t about simply training DPOs to be compliant with European data protection law but is designed to help senior compliance managers make the step up to the new breed of DPO required under the GDPR. It also opens the door for the private sector to train senior consultants to provide a high-quality DPO managed service that will become an industry in its own right over the next couple of years,” observes Davis.
The DPO Programme can be experienced free by registering for the ‘Getting Started’ interactive Module – just click on the green “sneak preview” button on this web page www.henley.ac.uk/dpo