Many professionals have an idea of where they want to end up and ultimately know what the end-goal is. But sometimes, the most common question marks that follow these aspirations have to do with qualifications. Do I have enough experience? Does my skill set fit the needs and responsibilities of the position? What can or should I do to boost my attractiveness as a candidate?
Singapore's Personal Data Protection Commission has recently begun demystifying career paths for the country's privacy pros with its publishing of the Data Protection Officer Competency Framework and Training Roadmap. Mostly geared toward data protection officers, the PDPC's framework "is developed to guide data protection professionals in enhancing their competencies so as to perform their job functions effectively in an organization," according to the commission.
PDPC Deputy Commissioner Yeong Zee Kin said the framework aims to boost a profession that is becoming more important and necessary in Singapore.
"The PDPC recognized the complementary relationship between data protection and data innovation for the digital economy," Zee Kin said. "Similar to the roles of human resource or finance, data protection is a critical role for the success of any enterprise and plays the central role in protecting and harnessing organizations' data resources and ensuring they can effectively utilize it for innovation."
The framework offers a full scope of the core competencies and proficiency levels for DPOs. It outlines job details for entry-level data protection executives all the way up to regional data protection senior management roles.
"The DPO Competency Framework gives organizations and their DPOs the guidance necessary to understand what training is needed for staff, how to up-skill themselves and show the career pathway for aspiring DPOs as they build their capabilities," Zee Kin said.
The framework's development saw consultation across sectors to reveal a full scope on the relationship between data protection and data innovation. Zee Kin said the PDPC did market scans on all facets of data protection roles, including job titles, descriptions, functions and requirements. He said discussions with privacy advocacy groups, both domestic and foreign, and examinations of pre-existing frameworks were also key in curating Singapore's framework.
With the training roadmap, the PDPC sought to help DPOs identify training and certification courses that will be necessary to help them achieve the next level of proficiency. Zee Kin said early indications signify the roadmap is insightful and is helping the country's privacy professionals build their resumes.
"Training providers have also shared that they are seeing an increase in the number of course participants, as well as more focused attention on areas from trainees on where they have identified their areas for improvement," Zee Kin said. "Some sectors have also expressed interest in sector-specific adjusted versions of courses attuned to the framework."
Zee Kin added that the direct feedback from current and aspiring DPOs on the framework and roadmap has been what the PDPC hoped for. The resources have also proven to be helpful to employers, who Zee Kin said are also using both tools for hiring decisions and training needs for their staff.
There are several takeaways that Zee Kin and the PDPC hope Singapore's privacy community can draw from the resources, but having DPOs realize the importance of their roles tops the list.
"Data is a critical resource for organizations," Zee Kin said. "It should not be viewed merely from a data protection lens or as locked away for compliance reasons. Good data protection practices can contribute to business innovation and growth, and DPOs are the guardians who can enable this."
Photo provided by Singapore's Personal Data Protection Commission
If you want to comment on this post, you need to login.