Faroe Islands: Authority finds ministers in violation of obligation to maintain records of processing activities
The Faroe Islands Data Protection Authority ('the Authority') issued on 18 June 2021, a statement, in which it held that six of the seven members of the Cabinet of Ministers of the Faroe Islands had failed to maintain a record of the data processing activities carried out, in violation of Article 44 of Act No. 80 of 7 June 2020 on the Protection of Personal Data ('the Act'), following an inquiry initiated by the Authority.
Background to the case
In particular, the Authority noted that it had conducted an investigation to verify whether the Cabinet of Ministers was compliant with the Act, specifically in relation to the obligation to appoint of a data protection officer ('DPO') and to maintain a record of the processing activities.
Findings of the Authority
Further to the above, as a result of the investigation carried out, the Authority highlighted that the Cabinet had correctly appointed DPOs. However, the Authority found that six of the seven members of the Cabinet had not maintained records of processing activities.
In conclusion, the Authority noted that all the members of the Cabinet had agreed to maintain said records going forward.
You can read the statement, only available in Danish, here.