Abstract:

Rapid technological development enables companies to collect and process increasing amounts of data. While new technologies and services are beneficial to businesses and consumers alike, they also pose a serious security risk. Organizations increasingly use these data for a variety of purposes, such as marketing and personalized services. The companies collecting, processing and utilizing personal data are required to comply with data privacy legislation. On 25 May 2018, the European Union's General Data Protection Regulation (GDPR) came into force. Non-compliance with the GDPR poses a financial, legal and reputational risk for a company. In order to implement the GDPR requirements and ensure data security, organizations appoint a Data Protection Officer (DPO). The main role of the Data Protection Officer (DPO) is to make sure that the organization manages the personal data of its employees, customers, service providers or other persons (including data subjects) in accordance with applicable data protection rules.

The article reviews the following scientific problem: that data protection officers do not possess any in-depth knowledge as to how to apply the GDPR, and neither do they know how to improve and raise their qualification.

The main purpose of this article is to present some recommendations that would help DPOs enhance their knowledge and raise their qualification.

This purpose will be accomplished through the following tasks:
1. Overviewing the GDPR.
2. Examining the principal occupational functions of a GDPO.
3. Assessing the opportunities for GDPO training and improvement.

This scientific article shall use the following methods: document analysis, review of scientific literature, case studies and generalization.

Keywords:

General Data Protection Regulation (GDPR), personal data, data protection officer (DPO), training.