€50k fine part due to DPO assignment
Keeping DPOs independent
28th April 2020
The Belgian Data Protection Authority (28/4/20) fined a company €50k, for:
- Having a DPO that lacked independence (he was also the director of risk, compliance and audit)
- Failing to adequately engage the DPO in business matters
- Failing to appropriate risk assess events
- Failure to cooperate with the Data Protection Authority
They were not fined for the data security breach which triggered the alert.