Startups and research are dealing with personal data on a daily base such as patient details, pseudonymised research data and staff or clients information. On 26 November Loyens & Loef and Health~Holland organize a workshop on the relevant aspects of the data Protection Act.
Penalties
At this moment, the maximum administrative fine for non-compliance with the Dutch Data Protection Act is EUR 4,500, and the Authority has limited power to impose a fine. However, this situation will change as of 1 January 2016. From that moment onwards, the Authority will be able to impose fines for non-compliance with a substantial amount of provisions of the Dutch Data Protection Act. Also, the maximum amount of the possible fine will increase substantially: non-compliance with the obligation to notify can result in a fine up to a maximum of EUR 810,000 or even 10% of the annual net turnover of a company, per violation. The Authority is generally required to give a binding instruction before imposing a fine.
What does this mean for you?
When a data security breach is discovered, your organisation will have to notify this immediately to the Authority and, in certain situation, to the data subjects concerned. As the notification has to be done immediately (as soon as reasonably possible), it will be too late to draw up a plan of action at the moment that a data security breach is discovered. Therefore, as from 1 January 2016, each organization needs to have an action plan for the unlikely event of a data breach.
The workshop programme will zoom in on practical, technical, organizational and legal topics.
Read more on Data Breach Notification
When: Thursday, 26 November 2015, workshop starting at 16:00 hrs., cocktails at 18:00 hrs
Venue: Loyens & Loeff, Fred. Roeskestraat 100, 1076 ED Amsterdam
Registration: Send an email to: Eelke.van.der.Ree@loyensloeff.com
Questions?: kim.lucassen@loyensloeff.com or joanne.zaaijer@loyensloeff.com