Data Protection Officers – Avoiding a Conflict of Interest
This article discusses a case where a fine was imposed on a company for non-compliance with the requirements relating to the appointment and function of a Data Protection Officer (DPO) under the GDPR. It highlights challenges to the independence of DPOs that fulfil other tasks and duties within a business alongside their DPO role, and offers guidance for consideration to organisations about their DPO appointments and data governance structures.
Document type: Risk Standards & Guidance
Last updated: 10 September 2020
First published: 10 September 2020
The document/page you are trying to view is password protected.
Please enter your password here
If you don't have a password and would like to access any restricted content please speak to your contact at QBE, or alternatively send us an email.