“GDPR does not specify precise credentials a DPO must have, therefore different businesses will look for different professional qualities amongst candidates,” Sirota said. “DPOs are responsible for training staff involved in data processing, educating the company and its employees on important compliance requirements and conducting regular security audits, so it is a very expansive role with varying responsibilities. In addition, DPOs operate as the point of contact between the enterprise and any supervisory authorities that oversee data related activities.”