The Personal Data Protection Authority officially introduced the title of data protection officer into our lives with a communiqué. So what is a Data Protection Officer? What exactly does a data protection officer do and how to become a data protection officer? Here’s what you need to know…
Today’s issue of the Official Gazette introduced a new term that concerns all citizens. Personal Data Protection Authority (KVKKAccording to a communiqué prepared by the ) and published in today’s issue of the Official Gazette, “Data Protection Officer” a new business sector has emerged. So what exactly will data protection officers do, which is expected to be very important in the increasingly digital world?
With the widespread use of smartphones, computers and the internet, data theft has become quite common. The clearest example of this is the In the Yemeksepeti scandal we have seen. As a result of the data breach, all the information of 20 thousand users was shared and even this information fell into the hands of perverts. KVKK’s new move, Data protection officers with ISO standards in Turkey aims to create
What is a data protection officer?
Data protection officer, as the name suggests, means those who work to protect our data in the digital environment. created to certification programs Everyone who is successful in the exams to be included in the exam will be awarded the title of data protection officer. In fact, we can say that the certificates issued by some private companies have been made official with the current issue of the Official Gazette. Citizens who have passed the exams and passed, In accordance with (TS) EN ISO/IEC 17024 standard They will be given a certificate that they are data protection officers.
Official newspaper; defines the data protection officer as:
- Those who are successful in the exam among those who have received the certificate of participation are entitled to use the title of data protection officer.
- Under the program in which the data protection officer is certified in terms of personal data protection legislation considered to have sufficient information.
- The data protection officer only during the validity period can use this title.
How to become a data protection officer?
The first institution to take action to become a data protection officer is the Turkish Accreditation Agency (TURKAK). TÜRKAK will act as an intermediary in the delivery of training and examinations. educational institutions will determine. Thus, some training centers have begun to train data protection officers. has been authorized they will be. Citizens who want to be data protection officers will follow these authorized educational institutions and take the exam after receiving training.
What are the requirements to become a data protection officer?
According to the information in the Official Gazette, in order to become a data protection officer, first of all, to be included in the training programs opened on this subject and to get through this training. not exceeding 4 years needs. Citizens who meet this requirement will have the opportunity to enter the exams without having to re-educate. Before who had no education citizens will have to complete the training to be started. Exam and training fees will be announced by the Personal Data Protection Authority (KVKK).
Is the title of data protection officer permanent?
The answer to this question is yes. Citizens who received training from authorized institutions, took exams and managed to become data protection officers, the certificate they received for 4 years they can use. At the end of 4 years, it will be necessary to retake the exam and be successful. Otherwise, there will be a loss of title and the citizen will not lose the certificate he received 4 years ago. won’t be able to use.
The purpose, scope and basis of the communiqué published in the Official Gazette is as follows:
Aim
ARTICLE 1 – (1) The purpose of this Communiqué is to determine the procedures and principles regarding the certification of individuals within the Data Protection Officer Program in accordance with the standard (TS) EN ISO/IEC 17024.
Scope
ARTICLE 2 – (1) This Communiqué covers the certification activities to be carried out by the personnel certification bodies accredited in accordance with the (TS) EN ISO/IEC 17024 standard and authorized by the Authority, and data protection officers and candidates.
Rest
ARTICLE 3 – (1) This Communiqué is based on the item (e) of the first paragraph of Article 22 of the Law on the Protection of Personal Data No. 6698, dated 24/3/2016, and the Protection of Personal Data, which was enacted by the Council of Ministers Decision dated 17/1/2018 and numbered 2018/11296. It has been prepared based on subparagraphs (g) and (i) of the first paragraph of Article 7 of the Organization Regulation of the Institution and subparagraph (a) of the first paragraph of article 18.
If you want to read the entire communique in the Official Gazette, here You can use the link. (Related notification, Official Gazette page 11 starting as of