Introduction to Resource Center
This page provides an overview of the IAPP's Resource Center offerings.

Contact Resource Center
For any Resource Center related inquiries, please reach out to resourcecenter@iapp.org.



Resource Center / Tools and Trackers / Data Protection Officer Requirements by Country

Data Protection Officer Requirements by Country

This chart catalogues DPO requirements for numerous countries.

Last updated: December 2021

Contributors:

Caitlin Fennessy

Click to View (PDF)

Increasingly, privacy and data protection laws around the world require organizations to designate a data protection officer to translate legal protections into practical reality. This chart catalogues those requirements but does not include the many additional instances in which a DPO is recommended but not required. If you are aware of additional material that should be included here, please email the Westin Research Center at research@iapp.org.

Tags: Privacy Law, Privacy Operations Management, Privacy Research, Westin Research Center
Related Stories
DPO Toolkit
Here, you can find the IAPP’s collection of coverage, analysis and resources related to data protection officers....
Brazil's DPO dilemma: How and who to choose?
Organizations are responsible for compliance with Brazil's General Data Protection Law and, therefore, must adopt effective measures capable of proving compliance with the rule. One of the determinations provided for in the LGPD is that the controller designates the data protection officer, who will...
Read More
Top-5 operational impacts of Brazil’s LGPD: Part 4 — DPOs
In the first three parts of this series on the operational impacts of Brazil’s General Data Protection Law, we examined the law’s different substantive rights, security and governance requirements, and international data transfer issues. In this fourth installment, we consider the human resource imp...
Read More
Study: LGPD likely to require at least 50K DPOs in Brazil alone
1
Brazil’s General Data Protection Law is now in effect. Much like the EU General Data Protection Regulation, the LGPD has extraterritorial applicability, meaning any organization processing personal data in Brazil must comply with the law irrespective of the company’s location. One of the LGPD’s requ...
Read More