While the GDPR requires many organisations to appoint a Data Protection Officer (DPO), the roles and responsibilities of that position are not at all clear – despite the Article 29 Working Party’s (WP29) ‘Guidelines on Data Protection Officers’. Beltug and Deloitte therefore collaborated on a survey to create a benchmark for larger organisations, by sharing the experiences of privacy specialists from different sectors. DPOs from organisations based in Belgium were invited to participate in the qualitative survey.

Based on the results, Beltug has published the 34-page ‘DPO Benchmark: Beltug Survey Report’, which includes insightful key takeaways that organisations can leverage to improve both the effectiveness of their DPO function, as well as the overall maturity level of their data protection initiative.

The report focuses in on five overall findings:

  1. The DPO role is as unique as the organisation that has employed it
  2. An effective data protection governance structure is often lacking
  3. Money talks – selective prioritisation
  4. Different levels of maturity for different data protection initiatives
  5. What organisations need from a DPO and vice versa: need for a two-way street

This paper is available to Beltug members after log-in.