GDPR Report: Many organisations struggling to find qualified staff

Half of respondents to our EU General Data Protection Regulation (GDPR) Report said they are struggling to find qualified staff to help them prepare for the Regulation.

The GDPR takes effect on 25 May 2018, but 50.5% of respondents said their organisation’s current workforce isn’t equipped to implement a compliance project.

Our report polled 250 of our clients, and is intended to provide practitioners and senior management with insights into how organisations are progressing with GDPR compliance. This is the third blog in our series covering the report, having previously discussed data subject rights and staff awareness budgets.

Expert staff

Our respondents’ reported lack of qualified staff supports a white paper published last year by the International Association of Privacy Professionals (IAPP), which claimed that the Regulation will create a demand for 75,000 data protection officers (DPOs).

Organisations that require a DPO will rely on them to perform a wide variety of tasks, such as educating the company and employees on important compliance requirements, training staff who are involved in data processing and serving as a point of contact between the company and its supervisory authority.

However, with less than a year until the Regulation is enforced, our survey suggests that there is still a huge need for DPOs, as well as other positions that require a good knowledge of the GDPR.

Staff training

One way to fill the GDPR skills gap is for organisations to build up the knowledge of existing staff. Instead of trying to find GDPR experts in an increasingly competitive field – one that will only become more competitive as the compliance deadline nears – many respondents said they’d enrolled their staff on training programmes.

A large number of organisations are using training courses (46.4%), staff awareness courses (42.8%) and documentation toolkits (26.3%). Additionally, a significant number of organisations are investing in consultants (28.4%) and GDPR gap analysis products (32.5%).

Whereas consultancy services provide a structured approach that benefits from immediate expertise and guidance, most professionals find that training courses provide a practical and comprehensive understanding of the Regulation. As the respondents were our clients, they would have used our services – such as our GDPR Staff Awareness E-learning course.

This course is an ideal starting point for your employees. It provides your non-technical staff with a complete overview of the Regulation and its key compliance requirements.

For a more in-depth education on the GDPR, you should take a look at our certified training courses. Depending on your level of expertise, you might be interested in either:

Certified EU General Data Protection Regulation Foundation (GDPR) Training Course

Certified EU General Data Protection Regulation Practitioner (GDPR) Training Course

The courses are available in both classroom and distance learning formats.

Book these courses together in our combination course and save 15%.