Latest Posts › Data Protection Authority

Share:

Belgian Data Protection Authority Weighs In On DPOs Deleting Data Subjects’ Personal Data

The Belgian Data Protection Authority holds that a Data Protection Officer (DPO) may not himself/herself delete personal information of a data subject. Doing so constitutes a violation of the General Data Protection...more

Hellenic Data Protection Authority Issues Opinion On Employee Data

The Hellenic DPA has issued an opinion regarding the appropriate legal basis for processing employee data under GDPR: Consent should be used as the legal basis only where the other legal bases do not apply....more

Italian Data Protection Authority Levies Warning Against Company Loyalty Program Promo

Italian Data protection Authority, Garante privacy, ordered a company that did not acquire granular consent for marketing from members of its loyalty programs to: (i) stop processing personal data for marketing purposes...more

Danish DPA Issues Guidelines For Transmitting Personal Data Via SMS

The Danish Data Protection Authority has issued guidance on the transmission of personal data via text messages (SMS). Key takeaways: Sending personal data by SMS is risky as it entails transmission in clear text, over...more

Dutch Hospital Fined Under GDPR For Medical Records Access Lapses

The Dutch Data Protection Authority has levied a fine of 460,000 euros on Haga Hospital for insufficient security following an investigation revealing that dozens of hospital staff had unnecessarily checked the medical...more

Tips For Verifying Individual Requests For Data Access Or Deletion Under CCPA And GDPR

How do you verify the identity of an individual requesting access to their data or that data be deleted? The Dutch Data Protection Authority, Autoriteitpersoonsgegevens, offers guidance which can be helpful and instructive...more

Furniture Store Fined Under GDPR For Failing To Delete Personal Data

If you retain personal data indefinitely, or have not given thought to your retention schedule – now may be the time to take another look. The Danish Data Protection Authority has fined a furniture store 200,000 EUR for...more

Questions In Swedish DPA’s Spotify Data Access Request Inquiry Can Aid GDPR, CCPA Compliance Efforts

The Swedish Data Protection Authority has initiated an inquiry into how song streaming provider Spotify handles data access requests....more

CNIL Issues Data Protection Kit For Developers

The French Data protection authority, CNIL, has issued a “Developer Kit” setting forth best practices for data protection. Key takeaways: Before using a development tool, especially for personal data, read the...more

Dutch Data Protection Authority Issues Advisory On Medical Records Under GDPR

“The right to be forgotten does not apply in principle to medical records. However, as a patient, you may ask your health care provider to remove data from your medical record,” according to the Dutch Data Protection...more

Danish Bus Company Ordered To Amend IT Systems To Allow For Right To Rectification

Danish data protection authority Datatilsynet has ordered a bus company to explain, by July 15, how it will amend its IT systems to allow for compliance with the right to rectification (correction) under GDPR and provide a...more

Finnish DPA Orders Company To Modify Automated Creditworthiness Assessment, Improve Disclosures

The Finnish Data Protection Authority has ordered a company to modify its automated practices for assessing creditworthiness. The authority held that the Credit Decision Service in the company’s online environment is an...more

CNIL, The French Data Protection Authority, Lists Enforcement Priorities

Enforcement is coming – says CNIL, the French Data Protection Authority. CNIL published its enforcement priorities for 2019. CNIL will no longer refrain from enforcing new obligations imposed by GDPR, but it will continue...more

Italy’s DPA Fines Data Processor For Information Security Failures

Caveat Data Processor. Italian Data Protection Authority, Garante, has issued a 50,000 EUR fine against a data processor platform for its failures to implement several information security measures....more

Dutch DPA Makes Data Protection Policy Recommendations

The Dutch Data Protection Authority makes six recommendations on drafting your data protection policy, based on its audits of privacy policies of blood banks, IVF clinics and political parties. A good data protection policy...more

French Data Protection Authority Reports 32 Percent Increase In Complaints In 2018

The French Data Protection Agency CNIL recieved 11,077 complaints in 2018, up 32.5 percent compared to 2017. Other highlights from the CNIL 2018 report- CNIL carried out 310 investigations in 2018, of which 204 were...more

Danish DPA: Consent Needed To Record Calls For Training Purposes

“This call may be recorded for training purposes…if you consent say ‘Consent’.” The Danish Data Protection Authority (Datatilsynet) has ordered a company to cease recording phone calls for training purposes until it...more

Highlights Of 2018 GDPR Enforcement

How has GDPR enforcement played out in the past year? The Dutch Data Protection Authority (Autoriteitpersoonsgegevens, or AP) recently published a report on its 2018 activities....more

Danish Data Protection Authority Dings Cab Company For Data Minimization Violations

GDPR Data minimization in action. Danish Data Protection Authority (Datatilsynet) finds cab company Taxa 4×35’s records retention practices in violation of the GDPR data minimization principle. The cab company removed names...more

Dutch Data Protection Authority: (Cookie) Walls Must Come Tumbling Down

Cookies and trackers sat on a wall, cookies and trackers had a great fall… Dutch data protection authority, Autoreitpersoonsgegevens (AP), holds that the practice of a cookie banner that does not allow you to enter a...more

Dutch Data Protection Authority Issues Guidelines On Complaint Handling Priority

Now serving complaint #6241… The Dutch Data Protection Authority (Autoriteit Persoonsgegevens) has published guidelines on how it will prioritize the handling of complaints filed with it under the EU General Data...more

Danish DPA Publishes Guide On Data Minimization And Right Of Erasure

Forget me yes. The Danish data protection authority has published a practical guide on data minimization and the right of erasure under GDPR: If you use “soft delete,” a link is deleted but not the personal information...more

Austrian Data Protection Authority Weighs In On Erasure By Anonimization

Forget me yes, part two. Austrian Data Protection Authority holds that a data controller can meet its obligations to satisfy a data subject’s erasure request under GDPR by anonymizing personal data....more

EU Issues Statement On GDPR For Worldwide Data Protection Day

GDPR is here and is instrumental in bolstering individuals’ rights to their data. The European Commission has issued a statement in honor of Data Protection Day which will be celebrated worldwide on January 28....more

French Data Protection Authority Issues Password Guidance

Keep your passwords close…and complex, and encrypted and unique, and ever-changing. In the wake of recent data breaches involving passwords, the French data protection authority, the CNIL, has published guidelines for...more

50 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide