Norway DPA fines US-based controller for delayed breach notification

Mar 22, 2023 — 1 min read

Read the full story

Already have an account? Sign in

Norway DPA orders Helseplattformen to rectify shortcomings

members – 3 min read

🇳🇴 Datatilsynet notifies Helseplattformen of their intent to order fixes to serious organisational and (less serious) technical deficiencies – response is due by 6 Jan 2026, with the final decision after. Key ISMS takeaways on this one + download a collated PDF.

Dec 7, 2025

UK ICO fines Capita £14 million for breach after weak security and slow reaction

members – 8 min read

After first flagging a fine with a potential starting point of £97m, the 🇬🇧 DPA heavily reduced it after several mitigating factors we can all learn from. A decision packed with practical lessons for DPOs, data protection and security teams alike!

Oct 26, 2025

UK ICO fines Clearview AI €8.9m and orders stop in processing

members – 2 min read

And on 8 Oct 2025, the 🇬🇧 Upper Tribunal (appeal court) upheld three of Information Commissioner’s four grounds of appeal, sending the case back to the lower appeal court.

Oct 12, 2025