GDPR | 4-year anniversary – Our top picks of past and upcoming judgements of the Court of Justice of the European Union
The Romanian DPA sanctions a natural person and a market research companyRecently, the Romanian Data Protection Authority (ANSPDCP) announced two new sanctions for GDPR viol…
Romanian Cybersecurity Authority issues draft orders on NIS2 Notification and Risk AssessmentThe Romanian Cybersecurity Authority (DNSC) has recently published some updates regarding the second…
Draft Order on notification process for registrationFollowing our recent post on the Draft Order published by the National Directorate for Cybersecurity…
DNSC publishes draft order on notification process for registration and information transmissionThe National Directorate for Cyber Security (DNSC) published yesterday, March 6, 2025, the Draft Ord…
Controller fined for data breach linked to processor’s employee misconductOn February 6, 2025, the Romanian DPA announced the conclusion of an investigation concerning a cont…
AI Act provisions on prohibited practices and literacy start to applyOn February 2, 2025, specific provisions of the European Union's Artificial Intelligence Act became …
Healthcare provider fined for unauthorized disclosureOn 13 January 2025, the Romanian DPA announced a fine of the RON equivalent of EUR 2,000 imposed aga…
Romania transposes the NIS2 DirectiveOn 30 December 2024, the Romanian Government adopted the Government Emergency Ordinance (GEO) 155/20…
Public transport operator fined for driver monitoringOn 12 December 2024, the Romanian DPA announced a fine of the RON equivalent of EUR 4,000 imposed on…
Romanian DPA issues fine and corrective measures for GDPR violations in healthcare sectorIn October 2024, the Romanian DPA concluded an investigation into a healthcare sector controller for…