The Catholic Data Protection Authority North (KDSA-Nord) has published its 2022 activity report on its website (available here ). This is the final activity report of the previous diocesan data protection officer, Andreas Mündelein, who entered well-deserved retirement at the end of 2022. Since January 1, 2023, his deputy, Andreas Bloms, has assumed the role of diocesan data protection officer. In his activity report, Mr. Mündelein thanks the various individuals and agencies involved for their excellent cooperation activity report for 2022.
In terms of content, the results of the cross-sectional review, which was carried out for the first time among the Caritas associations and completed in 2022, are particularly interesting.
Cross-sectional review of Caritas activity report for 2022
As with the inspection of daycare centers ( we reported ), the audit again utilized an electronic questionnaire. The focus was on data confidentiality, canada business fax list data subject rights, information obligations, contract processing, and technical and organizational measures (TOMs). The five major Caritas associations in Northern Germany were selected.
Across all facilities, KDSA-Nord identified a need for improvement in the TOMs. Most of the suggestions for potential improvements were formulated in this area, specifically in the authorization concept review area. A total of two notices (warnings) and three information letters (including notes) were sent due to the identified need for improvement. Each warning contained a need for improvement.
Figures on supervisory activity
Unfortunately, there are no concrete figures on supervisory activities for 2022. The number of complaints received declined slightly compared to the previous year, creating pages for each keyword variation but the number of reports of data protection violations remained at the same level as the previous year. Due to the pandemic, only two parishes and one Caritas service were visited.
The activity report does not contain any information on whether and to what extent fines were imposed.
Advice, complaints and data breaches
The activity report also provides insight into exemplary consultation requests, complaints, and data breaches that the KDSA North handled in 2022. The disclosure of registration data to newspaper publishers is also a topic. The disclosure of registration data held by the botswana business directory diocese to the church. Newspaper is inadmissible if this is done for the purpose of using the registration data to acquire new customers. The primary objective here is the newspaper publisher’s economic interest in increasing the number of subscribers. This economic interest is incompatible with Section 42 Paragraph 1 of the Federal Registration Act.
News from legislation and case law
The KDSA-Nord briefly addresses the Telecommunications and Telemedia Data Protection. Act (TTDSG) and agrees with the opinion of the North Rhine-Westphalia State Commissioner for Data Protection, according to which. According to Section 29 TTDSG, the Federal Commissioner for Data Protection is responsible for. Overseeing video conferencing services. In the church sector, the long-overdue evaluation of the Church Data Protection Act is still pending.