fbpx

Download free GDPR compliance checklist!

Violation of personal data security by the Danish Data Protection Agency

Denmark’s data protection authority Datatilsynet has suffered a data breach when it discovered that its own documents, which should have been shredded, were disposed of in the normal wastepaper bin.

The case includes physical documents, which may have contained confidential and sensitive information about citizens, employees, etc. The agency notified itself of the breach per Article 33 of the General Data Protection Regulation, however 24 hours after the 72 hours required by law.

Source: Violation of personal data security by the Danish Data Protection Agency

>