Sweden MedHelp 1177 case

This case is not only a goldmine for DPOs in the Swedish healthcare sector (although particularly so), but DPOs in general, for assessing roles, legal bases and processor liability.

Feb 22, 2024 — 8 min read

Read the full story

Already have an account? Sign in

Denmark Google Workspace for Education Chromebook case (Helsingørgate)

members – 12 min read

[29 Jan: 🇩🇰 DPA applies dreaded EDPB Opinion and signal enforcement change. Must-read for 🇩🇰 folks but crucial to everyone using 🇺🇸 processors] Datatilsynet's landmark decision of 2022 to ban certain use of Google products and US transfers, has finally come to an end in Feb 2026.

Feb 5, 2026

Norway DPA orders Helseplattformen to rectify shortcomings

members – 3 min read

Weird DPA conclusion on controller's responsibility 🤔, will wait for the final decision | 🇳🇴 Datatilsynet notifies Helseplattformen of their intent to order fixes to serious organisational and (less serious) technical deficiencies.

Jan 14, 2026

UK ICO fines Capita £14 million for breach after weak security and slow reaction

members – 8 min read

After first flagging a fine with a potential starting point of £97m, the 🇬🇧 DPA heavily reduced it after several mitigating factors we can all learn from. A decision packed with practical lessons for DPOs, data protection and security teams alike!

Oct 26, 2025