Denmark: Closed Datatilsynet investigation into Netcompany's alleged failure to implement security measures

On 23 May 2024, the Norwegian Data Protection Authority (Datatilsynet) concluded its investigation into Netcompany's alleged failure to implement security measures. Datatilsynet had posed several inquiries to Netcompany at the end of February to determine if the situation fell under the scope of General Data Protection Regulation (GDPR) and other pertinent data protection regulations. After reviewing Netcompany's responses, Datatilsynet determined that there is currently no grounds for further investigation by the Danish Data Protection Authority against Netcompany. Apart from Netcompany, Datatilsynet has engaged in discussions with both the Danish Business Authority and the Danish Development and Simplification Agency, both of which reported breaches in personal data security related to this matter. Datatilsynet has also suspended these aspects of the case.