No. This remains solely the responsibility of the Data Controller or Processor (i.e the Practice)
The ICO states clearly
“The DPO isn’t personally liable for data protection compliance. As the controller or processor it remains your responsibility to comply with the GDPR.”
The DPO role is to advise data controllers and processors on what they need to do, and to provide independent external assurance, not to carry out the activities themselves.”
The EU guidance on this area is equally clear:
“DPOs are not personally responsible for non-compliance with the GDPR. The GDPR makes it clear that it is the controller or the processor who is required to ensure and to be able to demonstrate that processing is performed in accordance with this Regulation’ (Article 24(1)). Data protection compliance is the responsibility of the controller or the processor.”
