By the end of May 2018, the European data protection landscape will experience two major shake-ups. One, the EU General Data Protection Regulation (GDPR) will be in full effect. And second, companies will have created a massive number of GDPR jobs to ensure that they meet their GDPR compliance requirements.
GDPR requirements on data businesses
In the digital age, every company is or wants to be a ‘data business’. These same companies will be majorly hit when the GDPR requirement comes into full effect and not many will be ready by May 2018. With one year to the deadline, Gartner forecasts that less than 50% of companies will be in compliance with the GDPR even by the end of 2018.
So, just what does the European data protection law regulate?
While there are numerous requirements, a key emphasis is on giving consumers stronger rights and control over their data. The GDPR expects companies to allow and enable customers to access, change, export, and delete information from the company’s servers. Also, instead of a lot of legal-speak in privacy policies, firms will need to ask consumers for consent, explicitly, to use their data for specific purposes. Finally, companies will have to up their game in protecting their users’ data or face a penalty of €20 million or 4% of global annual turnover, whichever is higher.
In short, companies will have to tighten their reins against threats to consumer data. This might not seem like a big deal, but the fact that companies like Facebook estimate spending millions on GDPR compliance makes it a big one.
Strong hiring demand for GDPR jobs
To comply with the GDPR, companies will have to create GDPR jobs – positions for people to ensure that companies meet their data protection obligations.
Data Protection Officers (DPOs) are now in demand because according to the new GDPR, having a DPO is mandatory. This might be especially true for niches like the cloud service providers, which were not previously regulated by data protection laws. However, this may not mean that DPOs are going to be particularly well-compensated. Based on results of IAPP’s privacy professionals salary survey released earlier this year, DPOs take home a lower median salary of US$106,500 compared to the overall median of US$115,000 for privacy professionals.
Contractual and permanent GDPR jobs are on the rise as the need for businesses to put systems and processes in place to address data protection challenges and GDPR requirements. According to a survey conducted by Robert Half, companies are planning to hire 64% of new employees on a temporary and 66% on a permanent basis.
Companies are pouring more and more funds into hiring business analysts to assess their data flows and the impact of the change in their firms. Some, including software, social media and financial technology firms, are putting data protection officers on their boards. Others are bringing in project managers to handle the GDPR compliance shifts. The Robert Half study further noted that smaller businesses will be focused on hiring project managers (32%) to work on compliance initiatives while larger organizations are looking for data protection officers (33%) to take on GDPR responsibilities.
So, what next?
Managing consumer data is usually hard enough, now firms have to ensure that their data protection is top notch, a difficult and expensive process. However, firms struggling to comply with the data protection demands of the GDPR might not be such a bad thing. For one, it means that more people are becoming gainfully employed in GDPR jobs. It also means that consumers can sleep better knowing that they are better protected from information exploitation. And who knows? It could also give the European economy a boost with more firms providing solutions and consulting services to guide other companies in complying with the GDPR.