The Data Inspectorate has received almost 2,000 reports of breaches of privacy after the EU’s new law, GDPR, entered into effect last summer.
347 of the reports are complaints from private individuals, while 1,506 are non-conformance reports from companies or companies that have notified about discoveries in their own systems, P4 reports.
“It can be misdirected emails, there are security breaches, data that for various reasons has gone astray, there are poor routines or failure of routines. There is a great deal of variation in the deviations that come in,” says Director Bjørn Erik Thon of the Data Inspectorate to the channel.
Bergen municipality is the only business in Norway that has been fined so far. The municipality accepted a million kroner fee after a deviation that included user names and passwords for over 35,000 users in the municipal primary school system.
Thon says that all non-conformance reports that come in are considered by the Data Inspectorate.
GDPR, which is the EU’s new privacy regulation, was adopted and entered into force in May of last year. It is incorporated into the EEA and therefore applies in Norway.
© NTB Scanpix / #Norway Today