Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Poland: UODO releases report on secure personal data processing

The Polish data protection authority ('UODO') released, on 20 September 2022, a report on the tasks of personal data administrators and inspectors in the context of secure personal data processing. In particular, the UODO outlined that a study had determined that only one-third of individuals knew who should deal with the negative consequences of a data breach, indicating such individuals believed this was their own responsibility. Thus, the UODO reiterated that it is the data protection administrator is primarily responsible for non-compliance with the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'), especially when a data breach has occurred.

Furthermore, the UODO added that most individuals affected by a data breach expected expedient notification when there has been a data protection notification and information on its scope, as well as information on what measures have been done to avoid similar events in the future and with whom the leaked data could end up. Additionally, the UODO noted that most individuals surveyed expected legal support or coverage of the costs and expenses of an incident.

You can read the press release here and download the report here, both only available in Polish.