By Pádraig Hoare
There has been a surge in demand by companies hiring data specialists ahead of the incoming EU law on data protection, an expert has said.
Chief executive of Dublin-based cybersecurity firm Ward Solutions, Pat Larkin, said “notions of complacency had been shattered” as firms scrambled to get their data protection strategies in order ahead of the general data protection regulation (GDPR), which is made law in May. Mr Larkin said firms now realised data protection was not an issue to be taken lightly and required significant investment and man-power.
The GDPR was ratified in 2016 following four years of negotiation, replacing the existing directive on data protection. Unlike an EU directive, which can be implemented over a certain time, the regulation is made law once it begins in May, meaning penalties can be imposed from day one.
The regulation is designed to harmonise data privacy laws across Europe and to protect citizens’ data privacy. It not only applies to organisations within the EU but also to firms that do business inside member states.
If companies fail to comply with the regulation, they can be fined up to 4% of annual global turnover, or €20m.
Recruitment firm Morgan McKinley said demand for staff to deal with data protection issues has risen over the last quarter, with companies hiring permanent data protection officers as well as contracting GDPR specialists for short-term contract roles to assist with implementing strategy.
The most in demand GDPR-related positions include project managers, privacy experts, and business analysts.
Mr Larkin said engagement from firms was now “peaking” after an increase in demand began in November. “
We are definitely in the thick of it. Many are only starting to prepare. What we are noticing is that a lot of firms do not have the skills in-house needed to appoint a data protection officer, and are looking to outside specialists,” he said.
Mr Larkin said the GDPR was not to be feared by organisations, but as “a way to demonstrate the handling of people’s data appropriately”.
“It will be a continuous journey and compliance will not stop when the GDPR comes into being. It is as much about maintaining compliance in the long-term as it is about implementing it,” he said.
Public awareness of data protection has heightened in recent weeks after social media giant Facebook became embroiled in a data harvesting scandal.