26 May 2021
… certify COVID-19 vaccination, recovery or negativity was in breach of privacy laws. The certification was intended to be … this processing, who was authorised to access and use the data, or who was tasked with checking that the certificates … default. At all events, the Region should have performed a data protection impact assessment beforehand in order to …
28 October 2021
… Decision Origin of the case Image files containing health data about people with no connection to the municipality … to staff at the health clinic. Key Findings The Norwegian Data Protection Authority noted that the municipality did … internal deficiencies in its access management. This is a breach of the requirements regarding personal data security …
16 January 2024
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data security …
30 January 2023
… Article 5 (Principles relating to processing of personal data) Article 32 (Security of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal …
3 September 2024
… Article 5 (Principles relating to processing of personal data) Article 32 (Security of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 …
24 March 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
18 November 2024
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
17 June 2023
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data security …
28 December 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
5 November 2025
… the EDPB will already work on creating a template for data protection impact assessment (DPIA) and for data breach notifications. We invite you to provide your … the EDPB will already work on creating a template for data protection impact assessment (DPIA) and for data breach …
21 June 2023
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data security …
24 March 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
26 March 2019
… First fine imposed by the President of the Personal Data Protection Office 26 March 2019 Poland The President of the Personal Data Protection Office (UODO) imposed its first fine for the … of the Personal Data Protection Office considered the breach to be serious, since it concerns the fundamental …
20 July 2020
… be carried out 20 July 2020 The President of the Personal Data Protection Office (UODO), after having conducted an … (Główny Geodeta Kraju, GGK). The President of the Personal Data Protection established that the Surveyor General of … the General Data Protection Regulation (GDPR), where the breach consisted in failure to provide the supervisory …
18 December 2019
… The Norwegian Data Protection Authority imposes a fine on the City of Oslo … of Oslo, the Nursing Home Agency, for having stored patient data from the city’s nursing homes and health centres … The case commenced when the City of Oslo sent a data breach notification to the Data Protection Authority in …
28 October 2021
… lawfulness, fairness and transparency (article 5 (1) (a)), data minimisation (article 5 (1) (c)), Transparent … relating to CCTV monitoring of salon premises, the Data Protection Authority has concluded that the enterprise … monitoring of the reception area has been found to be in breach of the General Data Protection Regulation (GDPR). The …
15 September 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Data security Outcome No sanction decision.pdf …
30 May 2023
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 32 (Security of processing) Keywords Data security Sensitive data Personal data breach Outcome No …
31 March 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Outcome Reprimand Decision 202.5KB Download …
27 January 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Data security Personal data breach Employment Outcome No …