We use cookies to customise content for your subscription and for analytics.
If you continue to browse Lexology, we will assume that you are happy to receive all our cookies. For further information please read our Cookie Policy.

Search results

Order by: most recent most popular relevance



Results: 1-10 of 37

Spanish Data Protection Agency investigates hospitals
  • Baker & McKenzie
  • Spain
  • May 5 2010

The Spanish Data Protection Agency (SDPA) has initiated an investigation to examine whether hospitals in Spain comply with data protection regulations, especially with those regarding the security and confidentiality of health-related information and how the rights of access, rectification, cancellation and objection of patients are attended to


Recommendations of the Spanish Data Protection Agency to health centres
  • Baker & McKenzie
  • Spain
  • January 12 2011

The Spanish Data Protection Agency (SPDA) has published its report on the investigation it conducted in the health sector


Deposit of sub-processing agreements to data protection authorities not required
  • Baker & McKenzie
  • European Union
  • October 19 2010

The Article 29 Working Party adopted FAQs intended to address a number of issues raised by the application of the standard contractual clauses for the transfer of personal data to non-EEA-based processors (contractual clauses "controller to processor") and the conditions for sub-processing of personal data between a non-EEA-based processor and non-EEA-based sub-processor


The Spanish Data Protection Regulation may be infringing the EU Data Protection Directive
  • Baker & McKenzie
  • European Union, Spain
  • September 27 2010

The Spanish Supreme Court has referred a question for a preliminary ruling to the European Court of Justice (ECJ


Employee geolocalisation
  • Baker & McKenzie
  • Spain
  • November 2 2010

According to Article 2 of Directive 200258EC on Privacy and Electronic Communications, "location data" means any data processed in an electronic communications network, indicating the geographic position of the terminal equipment of a user of a publicly available electronic communications service


Spain - former HR manager discloses employee health data breach
  • Baker & McKenzie
  • Spain
  • March 18 2014

The Spanish DPA (Resolution No. R30142013 dated 14 February 2014) initiated a sanctioning procedure against a company after having received a


Security breach notification rules implemented in Spain
  • Baker & McKenzie
  • European Union, Spain
  • December 6 2012

Royal Decree-Law 132012, which incorporates the new European regulatory framework on electronic communications contained in Directive 2009136EC (Citizens' Rights) and Directive 2009140EC (Better Regulation), came into effect on 1 April 2012


Spanish DPA imposes fines for data breach involving gym members
  • Baker & McKenzie
  • Spain
  • December 5 2012

The Spanish Data Protection Authority (DPA) in Resolution No 008062012 has fined a gym for a data breach violation involving personal data of its members


Publishing house fined 300,000 for unauthorised data disclosure
  • Baker & McKenzie
  • Spain
  • May 17 2011

The Spanish Supreme Court has upheld a decision of the Spanish Data Protection Agency imposing a 300,000 fine on a publishing house for disclosing personal data of former clients to third companies for marketing purposes without obtaining the prior consent of the individuals concerned


Shopping mall fined 60,000 for unauthorised CCTV recording of passersby
  • Baker & McKenzie
  • Spain
  • July 14 2011

The Spanish National High Court has upheld a 60,000 fine that was imposed by the Spanish Data Protection Authority (DPA) on a shopping mall for recording images of identified or identifiable passersby with CCTV cameras installed on the shopping mall's façade