Save 20% on accredited EU GDPR course exams.
Limited-time offer – ends July 18, 2024
Use promo code:
EXAM20

Expert Advice Community

Combining DPO and ISO role

  Quote
Created:   Feb 14, 2018 Last commented:   Feb 15, 2018

Combining DPO and ISO role

I am curious to know what is your opinion about combining Data Protection Officer and Information Security Officer roles in a small to medium companies? Is this a good idea, or not, and why?
0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Andrei Hanganu Feb 15, 2018

Answer:

Combining the two roles is something that lots of small companies are thinking of and is a whole
debate on this subject among various professional circles. My personal view is that although in theory could work there will be some instances where a conflict of interest might appear.

For instance the Information Security Officer's job is to protect the assets of the company any by doing that he/she may engage in monitoring of employees activities. Thus, the Information Security Officer will think of the best and extensive ways to monitor the employees in order to ensure that the company`s assets are protected. On the other hand, the Data Protection Officer would need to leverage the monitoring extent with the rights and freedoms of the employees as well as their expectations of privacy.

So, you can see that there is a conflict of interest if one individual would need to perform both tasks.

There was also a case law in Germany a few years ago where the court ruled that the Information Security Officer cannot perform the tasks of the Data Protection Officer.

Y ou can find out more about the tasks of the Data Protection Officer by going through our article “The role of the DPO in light of the General Data Protection Regulation” https://advisera.com/eugdpracademy/knowledgebase/the-role-of-the-dpo-in-light-of-the-general-data-protection-regulation/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 14, 2018

Feb 15, 2018

Suggested Topics

Guest user Created:   Apr 21, 2022 EU GDPR
Replies: 1
0 0

DPO and GDPR flowchart

Guest user Created:   Feb 01, 2022 EU GDPR
Replies: 1
0 0

DPO questions

Guest user Created:   Sep 09, 2021 EU GDPR
Replies: 1
0 0

Acting as DPO