Data privacy and protection laws are coming to the [Middle East and North Africa](https://iapp.org/news/a/amid-evolving-privacy-regulation-in-the-middle-east-stalling-on-compliance-is-no-longer-an-option/) (MENA). While Europe and parts of North America have had a head start in terms of [implementing these regulations](https://www.financierworldwide.com/indepth-feature-data-protection-privacy-laws-2021#.YWOX0qApDwd), MENA is following in their footsteps. Some view Data privacy as a [human right](https://gisf.ngo/resource/exposed-exploited-data-protection-in-the-middle-east-and-north-africa/), while for others, data privacy and regulation are part of a broader economic development plan. Regardless of motivation, data privacy capabilities are becoming necessary for any business that has European customers as General Data Protection Regulation (GDPR) and [offers protections to European citizens regardless of the geography of the business](https://gdpr.eu/companies-outside-of-europe/). In addition to impending regulations, the MENA region, which already had significant digital vulnerabilities, has seen an [uptick in cybercrime during the pandemic](https://home.kpmg/ae/en/home/insights/2021/01/the-cybercrime-story-of-2020-the-uae-and-the-pandemic-part-2.html). There is a growing consensus that protecting consumer data is a key concern for both governments and companies – governments must aim to protect their citizen’s data from unscrupulous businesses, and businesses must protect their data (and their reputations) from [increasingly sophisticated](https://www.wsj.com/articles/hack-suggests-new-scope-sophistication-for-cyberattacks-11608251360) teams of hackers. The pandemic has added additional layers to the data privacy concerns. [Governments and researchers have sought to use personal health data](https://www.mckinsey.com/business-functions/risk-and-resilience/our-insights/privacy-security-and-public-health-in-a-pandemic-year) to understand and combat the spread of disease. Meanwhile, many more people working from home has put pressure on IT departments to ensure that remote workers are handling data safely and securely from their offsite internet connections. Recently, Saudi Arabia has announced plans to implement the [Personal Data Protection Law](https://www.cdpinstitute.org/news/its-the-law-09-21-2021/) to ensure that consumers give informed consent before their data can be used. The goal is to create trust and lay the groundwork to benefit from a wider digital transformation in Saudi Arabia and throughout the region.
*“Consumer data is clearly transforming business, and companies are responsible for managing the data they collect.”*
# - [McKinsey & Company](https://www.mckinsey.com/business-functions/risk-and-resilience/our-insights/the-consumer-data-opportunity-and-the-privacy-imperative)
Data privacy regulations put pressure on organisations to improve their data management capabilities to attain and to demonstrate compliance. The implementation of GDPR and the California Consumer Privacy Act (CCPA) has shown that these laws disrupt the workplace and the labor market. This reality is only compounded when various nations and regions develop their own unique requirements.
New Roles Required
Job roles closely related to data privacy and protection have proliferated worldwide. Titles such as that of the Chief Information Security Officer are being added to the executive suite alongside the Chief Information Officers and Chief Data Officers who must work in harmony with security teams to integrate compliance and best practices into their initiatives. These executive roles are supported by managers and technicians who work closely with data. Data Engineers, Data Stewards, Data Custodians and Business Analysts who know where to find data and what the data is used for are in demand. Data privacy is a "[multifunctional discipline](https://iapp.org/news/a/expect-the-privacy-job-market-to-stay-strong-even-after-the-pandemic-subsides/)," that touches on legal and technical functions throughout an organisation. Some of these roles are needed for the long term to guide and maintain systems, but other [experts are needed in the short term](https://iapp.org/news/a/expect-the-privacy-job-market-to-stay-strong-even-after-the-pandemic-subsides/) to set up systems. Forward planning and flexibility are required to efficiently implement emerging data regulations. The introduction of new legislation inevitably causes organisations to scramble for the people to staff the key positions. In an already tight labour market for tech talent, good data security specialists are hard to find. It helps to have a partner in finding the right talent. Halian is an expert in helping partners assess their staffing needs, refine the roles, and fill those roles with top-notch candidates. Whether staffing for a new position or filling out existing teams, Halian has the expertise to get your team up and running. Data is fueling innovation around the world. At the same time, citizens and governments are demanding that personal data be used ethically and handled responsibly. It will take some time for the labour market to produce enough expertise to address these mandates. Until then, the smartest companies will plan ahead to ensure their data capabilities can meet the challenges ahead.