News
Earlier this month, the Portuguese National Commission for Data Protection ("CNPD") published five new guidelines of particular relevance to the public sector, including a guideline on the incompatibility of the accumulated duties of the Data Protection Officer ("DPO") and the Information Access Officer ("IAR"). In an opinion article for IT Insight, Sílvia Lencastre, Senior Associate of the Technologies, Media and Telecommunications (TMT) Practice, and Carolina Malheiro Dias, Junior Associate of the Technologies, Media and Telecommunications Practice, analyse the duties that conflict with the role of the DPO in an organisation.
"By deciding on the access or provision of documents containing personal data, the IAO will also be deciding on a personal data processing operation, which, according to CNPD, undermines the indispensable exemption in the monitoring of personal data processing operations carried out within the public entity, to which the DPO is obliged, and is therefore likely to generate a conflict of interest," say Sílvia Lencastre and Carolina Malheiro Dias.
Media:
- Ler na íntegra
- IT Insight