€50k fine part due to DPO assignment

Keeping DPOs independent

28th April 2020

The Belgian Data Protection Authority (28/4/20) fined a company €50k, for:

Having a DPO that lacked independence (he was also the director of risk, compliance and audit)
Failing to adequately engage the DPO in business matters
Failing to appropriate risk assess events
Failure to cooperate with the Data Protection Authority

They were not fined for the data security breach with triggered the alert.

Got a comment or request?

Need help with data protection or information security?