National Government Service Centre (NGSC) – €18,700 Fine (Sweden, 2020)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Sweden's National Government Service Centre was fined for taking too long to report a data breach. They waited almost five months to inform people affected and three months to notify the authorities. This case highlights the importance of quick action when a data breach occurs.
What happened
The National Government Service Centre delayed notifying both affected individuals and the data protection authority about a data breach involving their IT systems.
Who was affected
Individuals whose personal data was compromised in the data breach.
What the authority found
The authority found that the National Government Service Centre violated GDPR by not promptly reporting the data breach to both the affected individuals and the authority.
Why this matters
This case underscores the critical need for organizations to act swiftly in reporting data breaches. Delays can lead to fines and highlight the importance of having efficient breach notification processes in place.
GDPR Articles Cited
The DPA's decision shows that it took almost five months for the company to notify the data subjects of a data breach and almost three months for the DPA to receive a notification of a data breach concerning an security lack of IT systems of the company.
Related Enforcement Actions (0)
No other enforcement actions found for National Government Service Centre (NGSC) in SE
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
29 April 2020
Authority
Integritetsskyddsmyndigheten
Fine Amount
€18,700
Enforcement Tracker ID
ETid-273
About this data
Cite as: Cookie Fines. National Government Service Centre (NGSC) - Sweden (2020). Retrieved from cookiefines.eu
Last updated: