DPO conflicts – navigating the minefield with care
Whether your DPO is full-time in-house, external or also fulfils other roles, the appointee will have to find a way to navigate through a myriad of potential conflict of interest situations. By Alison Deighton and Samantha Jaggers of HelloDPO Ltd.
Some DPOs are dedicated full time to their role but may be appointed as the DPO for a group of companies. What happens when one group company acts as processor for other group companies? Does that create a conflict of interest for the DPO? Some DPOs have other roles to fulfil. If your DPO is also your head of legal, what happens when they need to advise the business on the action they should take in relation to a data breach? The best legal advice may be different to the compliance advice that a DPO needs to provide. Nor are external DPOs immune from the risks of conflict. If an external DPO is appointed as the DPO for multiple organisations, do they have sufficient time to dedicate to each organisation? Are any of their clients competitors or suppliers to another client?
UK Report subscribers: please login to access the full article.
If you wish to subscribe, please see our subscription information.