Can organizations realize efficiencies by combining DPO and whistleblower roles?
Following the implementation of the EU Whistleblower Directive in 2021, companies' data protection officers were tasked with setting up secure reporting channels. As these data protection and whistleblowing systems are exercised by the same unit, is it reasonable for companies to combine the DPO and whistleblower roles? PBK Technology Compliance and Operational Risk consultant František Nonnemann, CIPP/E, lays out the commonalities between DPOs and whistleblowing officers, such as their independence and access to top management. However, he notes, combining the positions could create conflicts of interests.