Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Faroe Islands: Authority orders Environment Agency to adopt technical and organisational measures following data breach

The Faroe Islands Data Protection Authority ('the Authority') published, on 7 July 2021, its decision in Case No. 21/12774-9, as issued on the same day, in which it ordered the Faroe Islands Environment Agency to implement technical and organisational measures, for violations regarding the security of processing under Act No. 80 of 7 June 2020 on the Protection of Personal Data ('the Act'), following the notification of a personal data breach.

Background to the case

In particular, the Authority reported that it had received a notification of a personal data breach.

Findings of the Authority

Further to the above, the Authority held that, as a result of the investigation carried out, it had verified that some documents containing personal data had become available on the Environment Agency's website, in relation to the registration system for houses and vehicles.


In conclusion, the Authority ordered the Environment Agency to implement technical and organisational measures to prevent the reoccurrence of personal data breaches, as well as to announce the security incident on its website.

You can read the press release here and the decision here, both only available in Danish.