penalties

The Netherlands: 440,000 EUR fine for hospital re. unauthorised access to medical records

The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, “Dutch DPA”) has published its decision to impose an administrative fine of EUR 440,000 on Amsterdam  hospital OLVG due to the lack of sufficient measures to prevent access to medical records by unauthorised personnel. After complaints, the Dutch DPA conducted an investigation, and carried out an audit of …

The Netherlands: 440,000 EUR fine for hospital re. unauthorised access to medical records Read More »

The Netherlands: Fine imposed on employer processing fingerprints of employees

By Stephanie Reinders Folmer and Richard van Schaik The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, “Dutch DPA“) issued a fine of EUR 725,000 for a company unlawfully processing fingerprints of its employees for attendance and time registration purposes. Under the GDPR, biometric data (e.g. fingerprints) processed for the purpose of identifying a natural person are considered a …

The Netherlands: Fine imposed on employer processing fingerprints of employees Read More »

AUSTRALIA: Assistance and Access Act, December 2018 – Uncertainty created by new rushed-in data encryption laws

On 6 December 2018, the Australian Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018 (Cth) (the Act) was rushed through both houses of Federal Parliament without amendment and received royal assent on 8 December 2018. According to its Explanatory Memorandum, the Act is intended to ‘introduce measures to better deal with the challenges posed …

AUSTRALIA: Assistance and Access Act, December 2018 – Uncertainty created by new rushed-in data encryption laws Read More »