Article 37 of GDPR states, “The data protection officer shall be designated on the basis of professional qualities and, in particular, expert knowledge of data protection law and practices and the ability to fulfil the tasks [of the role]”
If your organisation needs a DPO, you need to ensure that you are hiring someone with the necessary competence. If your DPO cannot fulfil the role and you rely on their ‘service’ then you may find yourself with problems when dealing with the regulator.
How can you take steps to ensure that the candidates for your role are competent?
Let Athene Secure sit in on your first-pass job interviews, where we will help you to assess whose competencies are fit for the role. Using this service, you can prove ‘due diligence’ to the regulator when hiring for such an important position within your business.