Re: Failure to report
> proposing to eliminate the statutory independence of the Data Protection Officer in favour of a ‘senior responsible individual’ with no specific requirements for either independence or expertise in the legislation.
I've seen no evidence of ICO actually caring about lack of independence or expertise of DPOs.
I raised, as part of a complaint, with ICO what I saw as a conflict of interest of my GP Practice's Practice Manager also being the DPO as, amongst other things, in his DPO role he would be unlikely to refuse health service central organisation demands for data sharing as (in his Practice Manager role) he would realise that any refusal might threaten his Practice's contract with the Health Service.
For the same Practice Manager/DPO I also highlighted to ICO his obviously extremely limited knowledge of Data Protection law, he seemed unaware of most of his DPO duties/responsibilities and when I was discussing with him issues that I'd raised it felt like I was training him about GPDR.
The ICO case officer had no interest in either matter.