ICO looking for 200 staff to help with GDPR compliance
The Information Commissioner’s Office (ICO) has told MPs that helping companies comply with the General Data Protection Regulation (GDPR) will require substantial extra resources.
Speaking at a House of Lords EU Home Affairs Sub Committee on March 8th, UK information commissioner Elizabeth Denham said the ramifications of Brexit and the GDPR on data protection law would be considerable.
“In May 2018, new laws come into force to better protect people’s privacy in the digital age and ensure organisations who handle personal information get it right,” an ICO spokesperson said.
“That brings significant additional responsibilities for the ICO as the UK’s data protection regulator.”
According to SC Magazine, the extra resources will include approximately 200 new staff to help with GDPR compliance tasks – a 40 per cent increase on its existing 500-strong workforce.
The publication noted that the ICO may experience skill shortages while it looks to add lawyers, investigators and a range of compliance specialists to bear the burden of future workloads.
Are businesses ready for the GDPR?
The GDPR is set to take effect from 2018, following a year-long clemency period. However, recent statistics from the Direct Marketing Association showed preparedness for the changes is not universal.
In fact, little more than two-thirds (68 per cent) of organisations said they would be ready in time. Among marketers, the biggest concerns were consent (70 per cent), profiling (50 per cent) and legacy data (37 per cent).
Last month, the ICO issued guidance for businesses regarding GDPR compliance, which focused on the issue of consent. Under the GDPR, individuals will have far more control over how organisations use their personal information.
“Getting this right should be seen as essential to good customer service: it will put people at the centre of the relationship, and can help build customer confidence and trust,” said Jo Pedder, interim head of policy and engagement.
“This can enhance your reputation, improve levels of engagement and encourage use of new services and products.”
Breaching the GDPR
While the ICO hasn’t yet expanded on the roles that will become available at the organisation, SC Magazine noted that GDPR compliance is the key issue behind the recruitment drive.
It appears the ICO is taking the regulation seriously, even with the uncertainty surrounding the UK’s position within the EU following Brexit. Prime minister Theresa May triggered Article 50 last month, which means the UK is set to leave the union by the end of March 2019.
Nevertheless, businesses will be wary of breaching the GDPR, with penalties potentially equalling four per cent of total revenue or €20 million, whichever is higher.
Given the severity of the GDPR’s proposed punishments, corporate governance departments are no doubt working hard to implement new systems, where necessary.
Over the coming months, we expect organisations to ramp up their recruitment to tackle GDPR-related projects, which is likely to involve bringing in data and change management specialists to facilitate the process.
Our Market Reports combine our review of the prevailing conditions in the compliance recruitment market with the results of our latest employer survey.
Image: cigdemhizal via iStock