Tag Archives: Fines

Fines under GDPR – German DPAs provide guidance

The German Data Protection Authorities (“DPAs”) released a paper on fines under Art. 83 General Data Protection Regulation (“GDPR”) in July 2017. Fines are hanging like a Sword of Damocles over the organizations that are getting ready for GDPR, since the upper limits of fines have been increased substantially. For example, German DPAs can currently … Continue Reading

German Data Protection Authority fines companies for transferring data to the United States

Following the CJEU’s judgment of October 2015 invalidating the European Commission’s Safe Harbor Decision, the Data Protection Authority Hamburg (“DPA Hamburg“) started investigations against 35 internationally operating companies in Hamburg. According to a press release of DPA Hamburg of 6 June 2016, these investigations revealed that the majority of the companies under investigation had used the … Continue Reading

UK ICO Annual Report highlights 100% success rate for monetary penalties imposed

The ICO, the UK’s data protection authority, published its 2014-2015 annual report. Most noticeably, the ICO announced that they had enforced no successful appeals against Monetary Penalty Notices. The ICO can impose civil monetary penalties of up to £500,000 for serious breaches of the Data Protection Act 1998, but this can be reduced by 20% … Continue Reading

The UK Information Commissioner’s Office issues the largest monetary penalty in its history to NHS hospital trust

This post was written by Cynthia O’Donoghue. The UK Information Commissioner’s Office (“ICO”) has issued its largest-ever fine of £325,000 GBP ($503,705 USD) to Brighton and Sussex University Hospitals NHS Trust following the discovery of highly sensitive personal data belonging to tens of thousands of patients and staff, including information relating to sexual health and … Continue Reading
LexBlog