First GDPR Fines in Romania

First GDPR Fines in Romania

NNDKP‘s head of the Data Protection practice, Roxana Ionescu, published two articles in relation to the first two fines notified by the Romanian Data Protection Authority (DPA).

In applying its first fine, the Romanian DPA has reinforced its past practice on minimising the processing of personal numeric codes (equivalent to social security numbers) while making use of new concepts under the General Data Protection Regulation, like the accountability principle and data protection by design and by default. The second fine was imposed due to a data breach. In this regard, the Romanian DPA falls in line with the other data protection authorities in Europe that have made data security and the breach thereof one of their main enforcement topics after GDPR became applicable. To read the details about the first and second fine imposed in Romania, please click on the relevant links.

NNDKP‘s head of the Data Protection practice, Roxana Ionescu, published two articles in relation to the first two fines notified by the Romanian Data Protection Authority (DPA).

In applying its first fine, the Romanian DPA has reinforced its past practice on minimising the processing of personal numeric codes (equivalent to social security numbers) while making use of new concepts under the General Data Protection Regulation, like the accountability principle and data protection by design and by default. The second fine was imposed due to a data breach. In this regard, the Romanian DPA falls in line with the other data protection authorities in Europe that have made data security and the breach thereof one of their main enforcement topics after GDPR became applicable. To read the details about the first and second fine imposed in Romania, please click on the relevant links.