The UK will need a minimum of 7,000 Data Protection Officers before GDPR kicks in in May 2018, but in reality will probably need many, many more.
Those are the results of a new survey by GO DPO.
“This headline figure of 7,000 DPOs isn’t a wild exaggeration and if anything is an under-estimate of the actual requirement as many banks and insurance companies employ more than one senior manager to fulfil the requirements of a DPO whose role can involve handling millions of customer and client accounts,” says Darren Verrian, GO DPO CEO.
“Our conservative calculations are based on figures published by the BIS at the end of last year and exclude 33,000 medium-sized companies that employ 50-249 employees, many of which will also need to appoint a DPO. Not all companies will want to employ an in-house DPO but will opt for a third party provided DPO managed service. However, these independent contractors will also need to be trained.”
In any scenario, someone is about to earn a lot of money educating people to be data protection officers. Enter Henley Business School. It has just launched its own Executive Education DPO Programme and expects to have a significant number of enrolments over the next six months, GO DPO said in the press release.
“What the underlying figures for the recruitment and training of a DPO conceal is the vast amount of changes to data processing policies, processes and procedures that must be undertaken as a matter of urgency in order to protect business continuity in the face of one of the biggest shake-ups in data protection for over two decades,” adds Mike Davis, Head of Open Programmes at Henley Business School.
Davis said their DPO program is not just about training DPOs, but it will also help senior compliance managers step up their game when GDPR kicks in.