Ransomware Attack Results in €460,000 GDPR Penalty for Centric Health
Centric Health Ltd, a provider of healthcare services to more than 400,000 patients in Ireland, has been [...]
The HIPAA Guide - Celebrating 15 Years Online
GDPR Articles
European Union to Propose New Rules to Streamline GDPR Enforcement
The European Union has announced that new rules will be written by the summer to streamline cross-border [...]
WhatsApp Slapped with €5.5 Fine for GDPR Violation
WhatsApp is the latest big tech firm to receive a financial penalty for violations of the General Data [...]
Meta Fined €390 Million for Facebook and Instagram GDPR Violations
Irish Data Protection Commission (DPC) has announced that Meta, the parent company of Facebook, Instagram, [...]
French Data Protection Authority Fines Microsoft Ireland €60 Million for Unlawful Use of Cookies
The French Data Protection Agency, the Commission nationale de l’informatique et des libertés (CNIL), [...]
Portugal’s National Institute of Statistics Fined €4.3 Million for 2021 Census GDPR Violations
The Instituto Nacional de Estatística (INE), Portugal’s National Institute of Statistics, has been [...]
Irish DPC Fines Meta Platforms €265 million for GDPR Infringements
Meta Platforms has been hit with another financial penalty for infringements of the EU’s General Data [...]
Clearview AI Slapped with Another €20 Million GDPR Penalty
The French Data Protection Authority, Commission Nationale de l’informatique et des Libertés (CNIL), [...]
Instagram Slapped with €405M GDPR Fine
The Meta-owned social media company, Instagram, has been fined €405 million ($403M) by the Irish Data [...]
Volkswagen Hit with 1.1 Million Euro GDPR Penalty
The Lower Saxony Data Protection Authority has imposed a €1.1 million financial penalty on Volkswagen for [...]
Spanish Data Protection Authority Fines Google €10 Million for GDPR Violations
Google LLC has been fined €10 million ($10.59 million) by the Spanish data protection authority – Agencia [...]
Medical Software Provider Fined €1.5 Million for GDPR Violations
A vendor that provides software to medical analysis laboratories has been slapped with a €1.5 million [...]
Dutch DPA Fines Ministry of Foreign Affairs €565,000 for GDPR Violations
The Dutch Data Protection Authority (DDPA) has imposed a €565,000 penalty on the Dutch Ministry of Foreign [...]
Trans-Atlantic Data Privacy Framework Agreed in Principle by US and EU
The United States and European Union have an agreement in principle on a new Trans-Atlantic Data Privacy [...]
Ireland’s Data Protection Commission Imposes €17 Million GDPR Fine on Meta for Record Keeping Failures
Ireland’s Data Protection Commission (DPC) has announced a final decision related to an inquiry into 12 [...]
Irish Data Protection Commission Sued Over Failure to Act on Google GDPR Complaint
Dr. Johnny Ryan of the Irish Council for Civil Liberties (ICCL) is suing the Irish Data Protection Commission [...]
Final Decision by Belgian DPA Creates Problems for IAB Europe and Online Ad Industry
The Belgian data protection authority (APD) has determined IAB Europe violated the GDPR with its pop-up [...]
GDPR Fines Increased by More Than 600% to Almost €1.1 Billion in 2021
2021 saw almost €1.1 billion ($1.2 billion) in financial penalties imposed for violations of the EU’s [...]
Dutch DPA Fines Tax and Customs Administration €2.75 Million for GDPR Violations
The Dutch Data Protection Authority, Autoriteit Persoonsgegevens (AP), has announced it has imposed a [...]
Second GDPR Investigation of Dutch Tax and Customs Administration Uncovers GDPR Violations
The Dutch Tax and Customs Administration has violated the core principles of the EU General Data Protection [...]
Irish Data Protection Commission Proposes €28-36 Million GDPR Fine for Facebook
A financial penalty for GDPR violations totalling €28-€36 million ($32-$42 million) is not by any means [...]
€225 Million GDPR Fine for WhatsApp for Data Processing Transparency Failures
The second largest ever financial penalty to resolve GDPR violations has been imposed on WhatsApp by the [...]
French Publisher Fined for GDPR Violations for Installing Cookies Without User Consent
The French Data Protection Authority, Commission Nationale de l’Informatique et des Libertés (CNIL), has [...]
Amazon.com Facing €746 Million Fine for Alleged Advertising-Related GDPR Violations
Amazon.com has been slapped with a record-breaking €746 million ($888 million) GDPR penalty for allegedly [...]
Amazon Faces $425 Million Financial Penalty for Alleged GDPR Violations
Amazon is facing a $425 million financial penalty for violations of the EU General Data Protection Regulation [...]
Litigation a Bigger Concern than GDPR Fines for Most Security Leaders
It has been 3 years since the GDPR took effect and fines for noncompliance are being issued, but most [...]
GDPR Fine for Lack of EU Representative a Warning to All Non-EU Companies About Importance of GDPR Compliance
Businesses based collect or process the data of residents of the European Union are subject to the EU’s [...]
Irish DPC Launches GDPR Investigation of Facebook After 533 Million Record Database Dumped Online
The Irish Data Protection Commission has launched an investigation of a potential data breach at Facebook [...]
Dutch DPA Fines Booking.com €475,000 for Breach Notification Failure
The Dutch Data Protection Authority (Autoriteit Persoonsgegevens -AP) has fined the online hotel booking [...]
Vodafone Spain Hit with €8.15 Million GDPR Fine
Last week, the Spanish data protection authority – Agencia Española de Protección de Datos [...]
Amsterdam Hospital Fined €440,000 for Failing to Implement 2FA and Insufficient Checks of Access Logs
OLVG hospital Amsterdam has been fined €440,000 by the Dutch Data Protection Authority (DPA) – [...]
GDPR Financial Penalties 39% Higher Than Total for the Previous 20 Months
The number of financial penalties imposed to resolve violations of the General Data Protection Regulation [...]
Grindr Fined €9.6 Million for Data Sharing GDPR Violation
Grindr, the world’s largest dating and social networking app for gay, bi, trans, and queer people, has been [...]
GDPR Violation Penalties in 2020 Totaled €171.3 Million
The online financial news and analysis portal Finbold has published a report detailing the GDPR violation [...]
Twitter Fined €450,000 For GDPR Breach Notification Failure
The Irish Data Protection Commission (DPC) has concluded its GDPR investigation into Twitter and has [...]
Vodafone Italy Slapped with €12.25 Million GDPR Fine
Vodafone Italy has received a €12.25 million GDPR financial penalty from the Italian Data Protection [...]
Carrefour Fined €3 Million by French DPA for Multiple GDPR Violations
Carrefour has received a €3.25 million GDPR violation penalty from the French data protection authority, [...]
EU Proposes Data Governance Act – A GDPR Framework for Industrial and Government Data
The EU General Data Protection Regulation (GDPR) gave EU citizens new rights over their personal data. It has [...]
Marriot International Slapped with £18.4 Million GDPR Fine for Data Breach
In July 2019, the UK Information Commissioner’s Office (ICO) announced its intention to fine Marriott [...]
British Airways £184 Million GDPR Fine Reduced to £20 Million
The UK’s Information Commissioner’s Office (ICO) has announced that the General Data Protection [...]
H&M Slapped with €35.2 Million GDPR Fine for Excessive Use of Employee Data
H&M, the second largest fashion retailer in the world, has been fined €35,258,707.95 ($41.2 million) [...]
Gartner Predicts 65% of Countries will have Data Privacy Legislation by 2023
The EU General Data Protection Regulation (GDPR) has now been in effect for more than 2 years and while this [...]
Irish DPC Orders Facebook to Stop Transfers of EU Citizens’ Data to the US
The Irish Data Protection Commission (DPC) has issued a preliminary order calling for Facebook to cease [...]
Class Action Lawsuit Alleges Oracle and Salesforce are Violating the GDPR
A class action lawsuit has been filed in Amsterdam by the consumer privacy organization, The Privacy [...]
GDPR Evaluation Report Hails GDPR a Success, But More Work Required
The European Commission, the executive body of the European Union, has published its first GDPR evaluation [...]
Hungarian Data Protection Authority Issues Record-Breaking GDPR Fine
The Hungarian Data Protection Authority (NAIH) has imposed a record-breaking financial penalty under the [...]
Hungary Suspends Data Subjects’ Rights Under GDPR During COVID-19 Pandemic
The government in Hungary has taken the controversial decision to suspend the rights of data subjects under [...]
Dutch DPA Issues €750,000 GDPR Fine for Improper Use of Biometric Data
The Data Protection Authority in the Netherlands has imposed a financial penalty of €725,000 ($791,000) on [...]
Brave Software Inc. Files Complaint Over Alleged Google GDPR Violation
Brave Software Inc., developer of the Brave web browser, has filed a GDPR compliant with the Irish Data [...]
Google Fined $8 Million by Swedish Data Protection Authority
The Swedish Data Protection Authority has announced it has imposed a SEK 75 million fine on Google for right [...]
Irish DPC Launches GDPR Compliance Investigations into Google and Tinder
The Data Protection Commission in Ireland, the country’s lead GDPR regulator, has launched investigations [...]
London Pharmacy Hit With £275,000 GDPR Penalty
The Information Commissioner’s Office (ICO), the UK’s GDPR data protection authority, has issued its [...]
New Federal Privacy and Data Protection Legislation Introduced
Currently there is no federal privacy and data protection law in the United States, only a patchwork of [...]
German Telecoms Company Gets $10.6 Million Fine for Noncompliance with GDPR
The German data protection authority has imposed one of the largest ever GDPR fines on a telecommunications [...]
German Real Estate Company Issued with €14.5 Million GDPR Fine for Unlawful Data Retention
A German real estate company, Deutsche Wohnen SE, has been issued with a €14.5 million GDPR penalty by the [...]
Poland Issues €645,000 GDPR Penalty for Lack of Organizational and Technical Safeguards
Poland’s Personal Data Protection Office has issued a PLN 2.8 million (€645,000) GDPR penalty to an [...]
Complaint Submitted to Irish DPC over Alleged Google GDPR Workaround
Google is alleged to have been using a ‘GDPR workaround’ to avoid the restrictions on data sharing [...]
Sweden Issues First GDPR Fine to School Over Use of Facial Recognition Technology to Monitor Attendance
Swedish high school has been fined €19,000 for violations of the EU Data Protection Regulation (GDPR) [...]
31% of EU Citizens Have Not Heard of GDPR
May 25, 2019 was the first anniversary of the compliance date of the EU’s General Data Protection [...]
British Airways Handed Record £183 Million GDPR Penalty
The UK GDPR supervisory authority has issued the largest ever GDPR financial penalty to date. British Airways [...]
Businesses Risk GDPR Fines Over Continued Use of Unencrypted USB Devices
Under GDPR, businesses must ensure that any personal data of EU residents that is collected or processed is [...]
Large GDPR Fines for Noncompliance Expected in 2019
It has almost been a full year since compliance with the EU’s General Data Protection Regulation (GDPR) has [...]
GDPR Compliance Has Helped to Reduce Data Breaches in the UK
The UK government has released the results of its annual cybersecurity breach survey which shows a fall in [...]
Harvard Business Review Shares Lessons from the Massive Marriott Data Breach
A Harvard Business Review report has been released on the most recent massive data privacy breach involving a [...]
Microsoft CEO Supports Global Enactment of GDPR-Like Legislation
In a recent interview at World Economic Forum in Davos Switzerland, Microsoft CEO Satya Nadella spoke about [...]
German Bundeskartellamt Restricts Data Gathering by Facebook
Last week, Bundeskartellamt, the German antitrust authority, determined that Facebook somewhat abuses its [...]
GDPR Supervisory Authorities Have Received 59,000 Data Breach Reports and Issued 91 Fines
DLA Piper’s new report shows there have been 59,430 data breaches reported to EU regulatory authorities [...]
HITRUST CSF is Now Incorporates GDPR Requirements
HITRUST has incorporated the EU’s General Data Protection Regulation (GDPR) into the HITRUST Cybersecurity [...]
GDPR Compliance To-Do List
The goal of this GDPR To Do List is to assist organizations and businesses that gather, process or retain the [...]
Google Issued a €50 Million GDPR Violation Penalty By CSIL
Google got slapped with a penalty of €50 million Euro ($56.8 million) for a GDPR violation. This is the [...]
Does GDPR Apply to Employees?
Is the General Data Protection Regulation (GDPR) also applicable to data of employees, just like with the [...]
Marriott Hotels Could Be Penalized Up to $915M for GDPR Breach
The investigation of a General Data Protection Regulation (GDPR) breach by the Marriott Hotels Group revealed [...]
Irish Data Protection Commission’s Strict Enforcement of GDPR in 2019
An Irish Data protection Commission (DPC) spokesperson recently disclosed in an interview that DPC is going [...]
Greater GDPR Enforcement Predictions for 2019
Mozilla’s Senior Policy Manager and EU Principal, Raegan MacDonald, issued a statement saying that in [...]
Facebook Investigated Again By the Irish Data Protection Commission
The Irish Data Protection Commission (DPC) is looking into another potential General Data Protection [...]
The Data Care Act – A New Federal GDPR-Style Data Privacy Bill
Data privacy regulations have been introduced in the 50 states, although, there is no federal data privacy [...]
Google to Relocate Management of EU Data from the US to Ireland
Google has unveiled its decision to make several changes to its terms of service and privacy policy. One of [...]
Which? Research Revealed Potential GDPR Breach by Retailers Issuing E-Receipts
The consumer group Which? recently conducted an investigation into the issuance of e-receipts to customers. [...]
Potential GDPR Breach by the Irish Government Department Investigated
The Irish Data Protection Commission (DPC) is under investigation for potential General Data Protection [...]
€400,000 GDPR Violation Fine for Portuguese Hospital
The Comissão Nacional de Protecção de Dados (CNPD), Portugal’s GDPR supervisory authority, has [...]
Up to 500 Million Marriott International Clients Impacted By Data Privacy Breach
According to a statement released by Marriott International, the personal information of around 500 million [...]
Location Tracking Leads to Multiple GDPR Complaints Against Google
A new data privacy complaint against Google has been submitted by a group of EU-based consumer watchdogs. It [...]
Two Senators Push for GDPR-Like Legislation in the US in 2019
A US Senate subcommittee disclosed that it is preparing a draft of new legislation similar to GDPR for the [...]
Instagram User Passwords Exposed Due to Flawed Download Tool
Instagram has issued a warning that the password details of some of its users had been exposed due to a [...]
Alleged Large Scale GDPR Breach at Microsoft Office Under Investigation
Microsoft Office is being investigated by Dutch investigators because of claims there has been a violation of [...]
Who May Be Exempted from GDPR Requirements?
The enforcement of the General Data Protection Regulation in the EU began on May 25, 2018. Companies [...]
Privacy International UK Filed Complaints Against US Firms for GDPR Breaches
Privacy International is a registered charity based in the UK that protects and promotes privacy rights [...]
Radisson Hotel Group Data Breach Subject to GDPR
The Radisson Hotel Group reported a potential breach that affected its loyalty and rewards scheme [...]
Average Data Breach Penalties in the UK Have Doubled in the Last 12 Months
U.K. law firm RPC published a report that says the average penalty for security failure or data breach has [...]
Is Canada Covered by GDPR?
A lot of Canadian businesses want to know if GDPR is applicable to Canada and Canadian businesses. Although [...]
BDO USA Survey Results Show that US Companies Are Addressing GDPR Shortcomings
BDO USA polled 145 U.S. corporate directors on public company boards in August 2018 about GDPR and their data [...]
Apple CEO Urges U.S. Legislators to Create GDPR-like Data Protection Regulations
The CEO of Apple, Tim Cook, spoke at the 40th edition of the International Conference of Data Protection and [...]
One in Six European Companies Not Ready for Data Breach According to BSI Study
According to a recently published study conducted by the British Standards Institution (BSI), one in six [...]
Irish DPA Reviews Twitter for Potential GDPR Violations
Twitter is being investigated by the Data Protection Authority (DPA) in Ireland over a possible GDPR [...]
Google+ About to Close Down Because of a Bug-Related Breach
According to a recent Wall Street Journal report, Google about to close down Google+ because of the [...]
AggregateIQ Gets the First UK GDPR Notice for Mishandling Personal Data
The Information Commissioner’s Office (ICO) has sent the UK’s first GDPR notice to AggregateIQ, an [...]
Cyber Attack on Facebook Impacts Almost 50 Million Accounts Holders
Facebook’s engineers discovered a serious data breach which was resolved on September 25. The data [...]
The Effect of GDPR on Data Breach Reports and Consumer Complaints
With the introduction of the General Data Protection Regulation (GDPR), EU residents now enjoy new rights and [...]
Changes Made to the Apple App Store Privacy Policy Following GDPR Introduction
Starting October 3, 2018, the Apple App Store will implement a new privacy policy rule that will require app [...]
Two French Location Data Companies Warned Over GDPR Violation
French data regulator CNIL has warned two French data firms, Fidzup and Teemo, to adhere to the EU’s [...]
22% Less Third-Party Cookies on EU News Sites Post-GDPR
The Reuters Institute at the University of Oxford conducted a study and found that there has been a 22% [...]
90% of EU Domain Visitors Give GDPR Consent
Consent management platform Quantcast Choice published a recent report that revealed that European Union (EU) [...]
How to Make a GDPR Compliant Website
If EU residents can access your website, and your website is used to collect some of their personal [...]
Appointing a GDPR Lead Supervisory Authority
The GDPR defines a Supervisory Authority as an independent public authority responsible for checking [...]
Requirements for GDPR Data Breach Reporting
Healthcare companies need to issue notifications when the personal information of GDPR data subjects is [...]
Role of the Data Protection Officer Under GDPR
Any company that collects and/or processes the personal data of EU residents needs to comply with the General [...]
Does the GDPR Apply to Medical Devices?
The EU General Data Protection Regulation (GDPR) has been in effect since May 25, 2018. All companies that [...]
New Data Privacy Law Signed by California Governor Offering GDPR-Style Protections
The California Consumer Privacy Act of 2018, AB 375, has been signed into law. California governor Jerry [...]
GDPR Right to Access Personal Data
Healthcare companies marketing or offering their services to EU residents that involves the collection or [...]
GDPR Rules for Recording Calls
Any company anywhere in the world that records calls from EU residents needs to follow the GDPR rules for [...]
33% of Healthcare Organizations Expected to Miss the GDPR Deadline
Healthcare providers that provide services to patients from the European Union, or market their services to [...]
What Rights Do Data Subjects Have Under GDPR?
The General Data Protection Regulation (GDPR) came into force in the EU on May 25, 2018. Its purpose is to [...]
What is GDPR Special Category Data?
As per the GDPR, companies are obliged to protect the personal data of data subjects; however, GDPR special [...]
What Does the GDPR Right to Object Mean?
There is a provision in the General Data Protection Regulation (GDPR) that allows data subjects to object to [...]
What is a GDPR Data Retention Policy?
Organizations that collect or process the personal data of people residing in the EU need to update their [...]
Are EU Citizens Residing in the US Protected by GDPR?
The General Data Protection Regulation (GDPR) generally applies to European Union citizens living in the EU. [...]
The Cost of GDPR Compliance
The day when the General Data Protection Regulation will be implemented is very near – May 25, 2018. [...]
What is High Risk Data Processing Under the GDPR?
Another question that has come up with the impending implementation of the General Data Protection Regulation [...]
What is GDPR’s Definition of Personal Data?
The General Data Protection Regulation (GDPR) is a new legislation that will dictate how personal data [...]
GDPR and Employee Personal Data
There are still many questions that people ask regarding the General Data Protection Regulation (GDPR), which [...]
What Does the GDPR Mean by Consent?
The GDPR will abolish and replace EU Directive 95/46/EC, which is called The Data Protection Directive. One [...]
GDPR and the Privacy Shield Agreement
As the GDPR will be enforced on May 5, 2018, people wonder how it compares and works in relation to other [...]
GDPR Exemptions That Provide Leeway to EU Member State Laws
Come May 25, 2018, the General Data Protection Regulations (GDPR) will set the pace as to how personal data [...]
GDPR Data Breach Notification Rules
The General Data Protection Regulation (GDPR) will be in force starting May 25, 2018. Organizations need to [...]
Responsibilities of GDPR Data Controllers and Data Processors
The General Data Protection Regulation often mentions GDPR data controllers and GDPR data processors. What is [...]
What does the GDPR Article 35 Require?
The General Data Protection Regulation or GDPR is a European privacy law that seeks to protect the personal [...]
What to Know About Using Passwords and GDPR Protected Data
Starting May 25, 2018, the European General Data Protection Regulation (GDPR) will be in force. The GDPR [...]
What is GDPR and Its Impact On Your Organization?
The General Data Protection Regulation or GDPR is a regulation of the European Union (EU) that was agreed [...]
Does GDPR apply to US companies?
New European data privacy and security legislation –General Data Protection Regulation (GDPR) – has been [...]
Copyright © 2007-2023 The HIPAA Guide Site Map Privacy Policy About The HIPAA Guide