France: CNIL opened investigation into Nexpublica for alleged failure to provide sufficient security measures for PCRM software
Description
CNIL opened investigation into Nexpublica for alleged failure to provide sufficient security measures for PCRM software
On 20 March 2023, the French data protection authority (CNIL) opened an investigation into the company Nexpublica after receiving data breach notifications, authorising CNIL to carry out on-site monitoring to verify compliance with data protection requirements. Nexpublica specialises in software and computer design. The PCRM software is a tool for social workers to manage client relationships, and is used, for example, by departmental houses serving disabled people.
Original sourceScope
Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
other service provider, software provider: other software
Implementation Level
national
Government Branch
executive
Government Body
data protection authority