Sweden MedHelp 1177 case
This case is not only a goldmine for DPOs in the Swedish healthcare sector (although particularly so), but DPOs in general, for assessing roles, legal bases and processor liability.
Feb 22, 2024
—
8 min read
You might also like
🇮🇪 DPC fines TikTok €530m for China transfers
members
–
2 min read
The Irish DPA also orders TikTok to bring their processing into compliance within six months. If they don't, they must stop the transfers. TikTok also breached transparency by failing to disclose the third countries involved and didn't explain the nature of the transfers in its privacy policy.
Norway DPA with record NOK 4 million DPO fine
members
–
8 min read
BIG share: the DPA’s advance notification flagged a potential NOK 99m (~€8.3m) fine! Datatilsynet fined Telenor ASA for failing to properly assess and document the DPO role, including independence, potential conflicts of interest, and a direct reporting line to top management.
🇮🇪 DPC fines LinkedIn €310m for illegal behavioural analysis and targeted advertising ('BA & TA')
members
–
7 min read
Key takaways: Lack of lawful basis = loss of control = 'significant damage', lawful bases are notoriously tricky to get right, and most have lots to gain in improving information and transparency. Full decision = a key lesson on legitimate interest and LIAs.