With GDPR coming into force, it is highly recommended that businesses create a new position: the Data Protection Officer (DPO). The DPO ensures that the company and its subcontractors (called “data processors”) are in compliance when it comes to exploiting personal data, no matter the end use (commercial, internal, etc.).
The DPO must be versatile, and simultaneously understand digital and security challenges, but must also have a solid knowledge of ICT law (Information and Communications Technology).
All companies who process personal data (PII) on a large scale have to integrate this new position.