Tag Archives: Data Protection Officer

Belgian DPA fines company €50,000 for appointing DPO with conflicting role

On 28 April 2020, the Belgian data protection authority (DPA) fined a company €50,000 for having appointed its head of compliance, risk and audit as its data protection officer (DPO). The DPA’s decision is only available in Dutch (here) and in French (here). What was the breach? The reason for the fine was not that the DPO had … Continue Reading

Article 29 Working Party issues guidance on data portability, DPOs and lead supervisory authorities

As we enter 2017, 2018 doesn’t seem that far away…and with the new General Data Protection Regulation (GDPR) due to come into effect from 25 May 2018, organisations are running out of time to ensure compliance with the new data protection requirements. It is therefore not surprising that the Article 29 Working Party (“Working Party”) … Continue Reading

Amendments to Poland’s Data Protection Law Ease the Rules on Data Exports and Data Protection Officers

The Polish Parliament passed the Facilitation of Business Activity Act (source in Polish) which significantly amends the existing Act on Personal Data Protection. The amendments come into force 1 January 2015. The changes mean that the EU Commission’s approved Standard Contractual Clauses for data transfers (“SCCs”) and approved Binding Corporate Rules (“BCRs”) are automatically recognised … Continue Reading

Poland’s Draft Data Protection Law To Alter the Rules for Data Transfer and Data Privacy Officers

A draft of Poland’s new draft data protection law has been released and has the potential to significantly change the rules in Poland governing international data transfers and data privacy officers. Under existing rules, Poland is an EU member state that does not currently recognise the Standard Contractual Clauses or Binding Corporate Rules (BCRs) as … Continue Reading

German Data Protection Authorities Set Minimum Competency and Independence Requirements for Data Protection Officers

This post was written by Nick Tyler and Moritz Wagner. The German data protection authorities (DPAs) have recently passed a resolution setting minimum requirements for the competency and independence of company data protection officers (DPOs). This initiative follows inspections carried out within companies that revealed a generally insufficient level of competency among DPOs, as well as … Continue Reading
LexBlog