The critical value of data protection: What an IAPP-certified DPO can bring to an organisation. Meet Stanley.

As RS2’s legal advisor, Stanley was already familiar with GDPR. When he was offered the opportunity to take on the role of Data Protection Officer, he sought practical training in data protection management through the GDPR Ready Professional Course. Now an IAPP-certified professional, he explains how the ANSI/ISO-accredited course helps him contribute towards RS2’s data protection strategy.

What made you go for the GDPR Ready Professional Course?

The software company I work for is focused on the payments industry so we deal a lot with the processing of data. As a lawyer, I knew about GDPR already but I wanted to get more practical training to be able to handle issues more efficiently and take on the role of Data Protection Officer (DPO). Naturally, I also wanted the appropriate certification from a reputable international organisation, so I valued the recognition that comes with the CIPP/E and CIPM qualifications. There are many courses on the market but you have to choose well – and I’m certainly happy with my decision.

Once you’re certified, you become an IAPP member. This is an international organisation with members from all over the world, so in addition to gaining a valuable credential, you’re also getting the opportunity to connect with people who work in the industry. You also get access to exclusive resources and additional courses. For example, I can tap into updates on EU-level legislation, case law, or decisions issued by the European Commission. Data protection is an uncertain terrain, to a certain extent, because everything is new, so it’s crucial to stay in the loop as laws rush to keep up with tech developments in data. With the advancement of artificial intelligence, for instance, data has an important role to play.

What have you gained from your studies and certification?

The programme was particularly useful to me because it’s what enabled me to put what I knew into practice. Besides the fact that it’s legally advisable for big tech companies like ours to have a DPO, I find that my colleagues themselves want that reassurance too. Everyone is conscious of data protection rights these days and I receive a lot of queries related to this. People might want to know what constitutes personal data or how they should proceed in certain instances. This course gives you the ability to answer these questions or to know where to look for the right answers.

The course covers all the practical elements you’re dealing with on a day-to-day basis and gives you the ability to manage the implementation of GDPR policies. Everything was catered for. With the educator’s help, you learn how to write a data protection policy, for example, or how to source the right information and analyse the relevant metrics. It also shows you how to convince your co-workers or the decision-makers in your company to invest in data protection. This particular certification also gives you the credibility and authority to back your efforts. It helps you strategise and map things out into a plan of action, and in fact, I find myself referring to the resources we were given as I execute my duties.

How was your learning experience with ICE Malta?

I’d already had a good impression of the institute. The fact that they were offering the IAPP course in particular and that the lessons were held online was encouraging. I want to stress how easy and straightforward the whole process was — from accessing resources to sitting for the exam — and the support staff are really professional and helpful. The online setup is convenient and allows you to connect with educators and fellow professionals from all over the world, which enriches the experience. The lessons were delivered by a Data Protection Manager with years of experience who shares his first-hand insights. We had extra literature for more depth and you could rewatch the recorded sessions to revise any elements that needed a second look.

The four-day bootcamp delivery works out perfectly for someone with a busy schedule. I knew I could set those four days aside and dedicate my time to the course, rather than having it drag out over months. You even get flexibility when it comes to how you sit for your exam, which you can take online at home or at ICE Malta premises, like I did. You just need to dedicate some time, especially if you don’t have any background on GDPR, but it’s the perfect start for anyone who has his sights on the fascinating world of data protection.

In your opinion, who would benefit from enrolling in this course specifically, as well as gaining GDPR knowledge more broadly?

The GDPR Ready Professional course isn’t just suitable for lawyers. In fact, my colleague and I were the only lawyers in our cohort. Anyone who handles data would benefit from learning about GDPR, especially at this particular moment in time. There are constant developments which make it even more of an imperative. Take AI, for example. I don’t think we’ve realised just how important data is. In today’s world, data is the equivalent of oil in the 19th and 20th centuries. It’s the basis on which modern technology is developing and accelerating, so every company would benefit from having employees who are knowledgeable in data protection.

In my case, RS2 stepped in to fund my training, and it’s heartening to see an organisation taking its data protection so seriously. This way, an organisation can increase sensibility around GDPR, which helps it protect its reputation and retain its clients’ trust. It’s very important that companies have staff trained in the practical skills and the right tools to achieve that. Unfortunately, not all companies value the importance of GDPR training — that’s until something goes wrong — so I am happy to be working in an environment where data protection is the priority it deserves to be.

With the increasing importance of data protection, GDPR proficiency has become a staple asset sought by a variety of industries. Whether you’re a professional already working with data or you’re looking to carve out a specialised role in a DPO, the GDPR Ready Professional Course, as Stanley testifies, is the way to go.

 


Anyone who handles data would benefit from learning about GDPR. Data is the basis on which modern technology is developing & accelerating, so every company would benefit from training its staff in data protection.

STANLEY JOE PORTELLILawyer & Data Protection Officer