No. The GDPR allows organisations to choose whether to appoint an internal or external DPO. The DPO may be a permanent member of staff (internal) or acting under a service contract (external).
Either way, your DPO must be given the necessary resources to fulfil their tasks. Similarly, you need to consider the level of support your DPO may need to carry out their duties adequately.
With a shortage of individuals trained to handle the specific DPO responsibilities, outsourcing these tasks and duties can help your organisation address the compliance demands of the GDPR while staying focused on core business activities.
