Norway - Companies to be ordered to notify data subjects on data breaches - DAC Beachcroft

Norway - Companies to be ordered to notify data subjects on data breaches's Tags

Tags related to this article

Norway - Companies to be ordered to notify data subjects on data breaches

Published 17 May 2016

On 11 April the Norwegian data protection authority (the "Datatilsynet") issued a press release which strongly recommended notification of data breaches to affected individuals, stating that where companies don't do this, the Datatilsynet may order them to do so.

The press release follows a number of decisions of the Norwegian Privacy Appeal Board and is a reinforcement of the modern principle of transparency. Factors that may be taken into account in the Datatilsynet's decision whether to order notification include; the likelihood of misuse of the affected information and the economic impact on the company.

Organisations operating in Norway should ensure that is has the processes and resources in place to deal with notifications to data subjects on any data breach in Norway.

The Datatilsynet's press release can be accessed here (Norwegian).

Submitted by Charlotte Halford, Solicitor

Return to main page >>>

 

< Back to articles