Data breach notification

The Netherlands – First GDPR fine imposed: EUR 460,000

Today, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, “Dutch DPA“) issued its first GDPR-fine of EUR 460,000. The fine is imposed on the Dutch Haga Hospital for having an insufficient internal security of patient records. The fact that the first GDPR-fine was imposed on a hospital isn’t a complete surprise, as already in December 2018, …

The Netherlands – First GDPR fine imposed: EUR 460,000 Read More »

NETHERLANDS: Dutch Data Protection Authority received record amount of data breach notifications in 2018. Earlier today, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) issued a press release stating that it received 20,881 notifications of data breaches in 2018. In comparison to 2017, the amount of data breach notifications has (more than) doubled. The largest amount …

Read More »

EUROPE: Latest WP29 Guidelines on Data Breach Notifications and Profiling

On 18 October 2017, WP29 published proposed Guidelines on two key aspects of the GDPR – namely: Personal Data Breach Notification (Articles 33/34); and Profiling and Automated Decision Making (Article 22). We set out the key points and takeaways in this post. Data Breach Notification The proposed Guidelines clarify how the Data Protection Authorities (DPAs) …

EUROPE: Latest WP29 Guidelines on Data Breach Notifications and Profiling Read More »

AUSTRALIA: Mandatory data breach reporting comes to Australia

By Peter Jones (Partner, Sydney) and Josephine Gardiner (Associate, Sydney) After a gestation period that would make African Bush Elephants proud, it is finally here… It would be an understatement to say that data breach notification laws have been on the table for some years in Australia. The long-awaited mandatory data breach laws, which passed …

AUSTRALIA: Mandatory data breach reporting comes to Australia Read More »