• Professional News
  • 11 February 2016

The Danish Data Protection Agency has set up a new supervisory authority

On 2 February 2016, the Data Protection Agency published the news that it is to set up a new supervisory entity. The supervisory entity is to conduct all the Data Protection Agency's planned supervisory controls and be responsible for the current supervision of any violations of the safety requirements laid down in the Danish Act on Processing of Personal Data (persondataloven).

Supervisory controls planned for 2016
In 2016, the supervisory entity will focus on selected topics among 50 public and private data controllers. The topics are selected on the basis of the Data Protection Agency's supervision strategy for 2016-2018 and will particularly focus on the actual processing of personal data. This applies to processing which, due to its scope or purpose, may involve a particular risk of infringement of the rights of data subjects as well as processing involving the use of new technology.

Among the public authorities,  the 30 supervisory controls will focus on supervision of topics, such as detailed safety rules, the authority's own supervision, data processing agreements and the authority's internal controls of data processors.

Among the private data controllers, the 20 supervisory controls will focus on supervision of topics, such as compliance with the terms of the Data Protection Agency, data processing agreements and the business's internal controls of data processors.

Bech-Bruun comment
The new initiative may be construed as one of the Data Protection Agency's efforts to become a more active and outward-looking supervisory authority which has also been contemplated by the future personal data protection regulation.

Authorities and private businesses which have not yet commenced work with data protection compliance often experience this to be a task difficult to grasp. Bech-Bruun has developed a special personal data pre-audit service for data controlling businesses and public authorities. A pre-audit will assess the current compliance level of any business or public authority relative to the rules of the Act on Processing of Personal Data. The pre-audit will be conducted, among other things, by way of interviews among key staff of the data controller and by reviews of key policies, agreements, reports and instructions.

Fore more information on our pre-audit, click here.

Tags
  • Copenhagen

    Langelinie Allé 35
    2100 Copenhagen

  • Aarhus

    Værkmestergade 2
    8000 Aarhus C

  • Shanghai Representative Office

    No.1440 Yan'an Middle Road, Suite 2H08
    Jing'an District, 200040 Shanghai, P.R. China

  • Bech-Bruun Law Firm P/S

    P +45 72270000
    F +45 72270027
    E info@bechbruun.com
    VAT number 38 53 80 71
    Cookie policy
    Legal Notice and Disclaimer
    Privacy Policy