Date
21.12.2023
In this article we want to spotlight a data protection officer based on 10 questions they were asked by DPI. Piet Diependaele, DPO at AXA, is happy to answer them.
How did you end up in the role of DPO?
In 2013 there was the opportunity to take on the role of DPO within AXA Belgium. My studies at the Faculty of Law in Ghent and various responsibilities within IT ranging from artificial intelligence, over marketing systems, architecture, IT strategy, IT processes and quality assurance, gave me a solid basis to take on the many challenges linked to the GDPR. I did not hesitate for a second to commit myself to this.
Which part of the tasks of a DPO do you prefer?
The variety in the range of tasks, the constantly changing context, the ubiquity of personal data (and thus GDPR) in our business, and the importance AXA places on handling customer data transparently and correctly, makes it a motivating job/mission.
Which event in the privacy landscape has affected you the most to date?
The GDPR per se. The fact that Europe has (h)recognized the importance of protecting personal data, and has taken the necessary steps to do so to come up with an enforceable set of rules that allows each of us to maintain control over our data.
How would you describe the role of DPO in your company?
As a DPO, you represent within your company every person whose data your company processes. You represent their interests regarding the processing of their data.
What do you think is the biggest challenge for a DPO?
Large organizations have the main challenge of creating and maintaining a documented understanding of what they do with (personal) data. In my opinion, the biggest challenge for a DPO is to ensure that senior management understands this and works on it. The GDPR maturity an organization can achieve is determined by the quality of this “documented understanding.
Which technological evolution do you think has the most impact on data protection (positive/negative)?
Long ago, there was the Internet and the massive digitization that followed, thus much more personal data and consequently more risks of misuse. Currently, there is the generative AI that allows mass generation of fictitious data (in many forms). This makes it difficult to distinguish truthful and false data, and makes protecting personal data a challenge.
What is your golden tip for getting data protection and information security higher on management’s agenda?
Companies should embrace GDPR as the cornerstone of a trusting relationship with their customers. This trust is essential to the success of the business. If management sees the GDPR only as a legal obligation, it will not work out … Should management lack that understanding, you need to work on that.
What is your Swiss army knife as a DPO?
A good connection/relationship/cooperation with all departments is a necessity. They need to feel responsible. The role of the DPO is to support, enthuse and coach them. A mix of legal and IT experience certainly comes in handy here.
How do you keep up with new trends in GDPR technology and legislation?
Always good to appeal to multiple channels. Regularly attending seminars, trainings is a necessity. Organizations like the DP Institute can certainly help in this regard.
Date
21.12.2023
