As part of an enforcement discussion at the IAPP Global Summit this spring, Irish Data Protection Commissioner Helen Dixon noted that much attention has been focused on the fining powers data protection authorities possess, while in some cases, the appropriate action might be a cease-processing order, which could be just as disruptive to an organization's activities. Cease-processing orders are not new remedies under the EU General Data Protection Regulation. Ireland’s former commissioner, Billy Hawkes, put one in place against the company Loyaltybuild in 2013 following a data breach. So what was the Loyaltybuild case all about, and how might organizations face similar outcomes under the GDPR? Miranda Jang, CIPM, reports in this article for The Privacy Advisor.
If you want to comment on this post, you need to login.