Skip to main content
Skip to main content

Data Protection Officers – Avoiding a Conflict of Interest

This article discusses a case where a fine was imposed on a company for non-compliance with the requirements relating to the appointment and function of a Data Protection Officer (DPO) under the GDPR. It highlights challenges to the independence of DPOs that fulfil other tasks and duties within a business alongside their DPO role, and offers guidance for consideration to organisations about their DPO appointments and data governance structures.
Document type: Risk Standards & Guidance
Last updated: 10 June 2022
First published: 10 September 2020