With the explosion of data protection and privacy, the massive rise in the demand for data privacy jobs across the globe is not exactly surprising. In its November 1 report, AXIOS revealed there is a global shortage of data protection professionals. The same thing is also observed in Singapore.
Other key insights of global industry observers include:
- New disrupters in the sharing economy such as Facebook and Uber are starting to painfully learn the significance of data protection.
- The global gold standard for certified Data Protection Officers (DPOs) is set by the International Association of Privacy Professionals (IAPP). PDPA training and data privacy courses are also now being offered to help DPOs become better at their jobs.
- With the reactionary demand, the market now faces an acute DPO shortage. This is despite the fact that more than 20,000 people worldwide have passed the IAPP certification examinations.
- On LinkedIn, the number of job postings for privacy officers, data protection officers, and chief privacy officers increased by a staggering 77% from 2016 to 2019.
- On the consumer side, statistics show that one in three Americans have experienced data compromise and at least 47% feel like they have little to no control over their personal data.
- The US Federal Trade Commission has instructed companies to hire chief privacy officers. Law schools are responding by introducing privacy as a course of study.
- With the California Consumer Privacy Act (CCPA) being implemented in January of 2020, the shortage will become even more apparent.
- In Singapore, the focus is on the operational aspect while also acknowledging the need for legal knowledge and input.
How to Become a Data Protection Officer Through PCP
There are several countries where organisations that handle personal data are required to appoint a Data Protection Officer (DPO) according to the data protection law. Similarly, Singapore’s Personal Data Protection Act (PDPA) also requires the appointment of a DPO. The Singapore Personal Data Protection Commission (PDPC) states that:
“All organisations, including sole proprietors and non-profit organisations must appoint at least one person as the Data Protection Officer (DPO). The DPO function is management’s responsibility and, ideally, the appointed DPO should be part of the management team, or at least have a direct line to management. The operational DPO functions, however, may be delegated to one or a few employees, or outsourced to a service provider.”
This is considered a “new” profession that was brought about by the law enforced in 2014 that resulted in the evident shortage of skilled professionals. Designated DPOs need to manage the data protection management programme (DPMP) of the organisation and this would require both bandwidth and skills.
The Singapore government initiated the PCP programme to facilitate Professionals, Managers, Executives and Technicians (PMETs), including those mid-career switchers to move into new sectors or occupations and undergo skills conversion. This allows for:
- Place-and-Train: PMETs are hired by participating employers before they undergo the needed training to take on their new job role.
- Attach-and-Train: PMETs are provided with work attachments and training ahead of a job placement through industry partners in growth sectors that offer good job opportunities.
- Redeployment / Job Redesign Reskilling: PMETs that are at risk of redundancy in vulnerable job roles are retained by current employers and provided reskilled training to take on new job roles within the same organisation.
Companies hiring a Data Protection Officer can also now apply under the PCP scheme. This includes “combo” roles that involve traditional job functions such as IT, HR, and marketing. These individuals need to also carry the DPO title in their designation. The PCP will also provide funding to organisations with course fees support and salary support.