COVID-19 update: BCS Publishing is open for business – Some orders may take longer than stated to arrive.

Data Protection Officer

By (author) Filip Johnssén, Sofia Edvardsen Technical editor John Potts

Publication date: 15 Feb 2021

Since the role of Data Protection Officer (DPO) was designated under EU GDPR in 2018, the understanding of what the DPO role entails and how DPOs solve problems day-to-day continues to grow. This book provides a practical guide to the DPO role, encompassing the key activities you’ll need to manage to succeed in the role. Coverage includes data protection fundamentals and processes, understanding risk and relevant standards, frameworks and tools, with DPO tips also embedded throughout the book and case studies included to support practice-based learning.
Filip Johnssén is Data Protection Officer, Senior Legal Counsel at Klarna. He has been working exclusively with privacy and data protection for over 10 years. Sofia Edvardsen is CEO & Owner of law firm, Sharp Cookie Advisors. She has extensive experience in data protection, intellectual property, software licensing, electronic commerce and commercial law in relation to technology transactions, outsourcing and startups.

Dimensions: 198x129mm

Print ISBN-13: 9781780174365

Ebook ISBN-13: 9781780174389

258 pages

Imprint: BCS, The Chartered Institute for IT

  1. Data Protection Fundamentals
  2. The Data Protection Officer
  3. The Data Protection Processes
  4. Understanding Risk
  5. Review Your Organisation's Data Protection Practices
  6. Standards, Frameworks and Tools
  7. DPO Case Studies 
Strikes a good balance between the regulation and the day to day role of the DPO – gives good practical guidance and references, and I think would make an ideal guide for those new into the DPO world. For those already undertaking the role, it helps to refocus, and provides some valuable information on key processes and procedures.

Andy Searle
Group Data Protection Officer, Howden Group

We are only just entering the age of data. Its power to transform humanity through new sophistication of data processing is unprecedented and unlimited. But with that power comes responsibility, and the role of the data protection officer has become key to risk management, business improvement and indeed, the protection of the values of a democratic society. This practical guide, the first of its kind, offers fresh insight into how a DPO can marshal and hone their skills in the battle for compliance, ethics and business value, in any organisation.

Jos Creese FBCS FSIM
CEO and Founder Creese Consulting Limited, past president, BCS

This book is the perfect manual for new DPOs to get started in the field, and for more seasoned privacy professionals as a reference guide. This book not only contains the essentials of data protection law, but also guides the reader through the daily activities of a DPO. The authors have done a great job in making a complex issue accessible.

Paul Breitbarth
Director, EU Policy & Strategy - TrustArc Inc. & Senior Visiting Fellow - European Center on Privacy and Cybersecurity, Maastricht University

Both authors bring a wealth of experience to this ‘manual’ for Data Protection Officers. Written in a clear and helpful style, it’s jam-packed with tips and resources. I particularly liked the softer tips needed for a DPO to succeed, and the two DPO case studies at the end are very useful. It’s refreshing to read a data protection book that is *not* written in legalese.

Tim Clements FBCS CITP FIP CIPP/E CIPM CIPT CDPSE CRISC CGEIT
Business Owner and Privacy Professional, Purpose and Means, Denmark

Johnssén’s and Edvardsen’s DPO handbook offers a concise mix of privacy law and data protection best practice aimed at the inhouse legal counsels and compliance professionals alike. The authors successfully balance informational writing and quality insights from their experiences as professionals in privacy leadership roles across European established companies and startups. What speaks to me is the many practical tips drawn from a corporate setting of what works and what does not and how successful organizations implement data protection compliance.

Mathias Strand
Assistant General Counsel, Microsoft Western Europe