- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Neil Hodge2022-01-25T19:24:00
A recent decision by the Austrian Data Protection Authority against food retailer REWE International underlines the fact parent companies are ultimately responsible for how their subsidiaries manage people’s data, even if the offshoot entity operates separately.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
The Austrian Post is once again appealing what would be a record GDPR fine in the country after successfully defending itself in the first instance. Other recent decisions under the law provide further enforcement trends.
Recent GDPR fines against British Airways, Marriott, and Ticketmaster by the U.K. Information Commissioner’s Office each saw the regulator dismiss claims by the companies that third parties were primarily responsible for the data breaches in question.
The Marriott GDPR fine handed down by the U.K. Information Commissioner’s Office is less than 20 percent of the original number the regulator proposed, the second time this month such a drastic reduction has taken place.
Three former executives of Chicago-based Outcome Health, a healthcare technology company, were sentenced for misleading an auditor, clients, lenders, and investors about a scheme to sell $45 million in overbilled advertisements.
A home health company operating in Indiana, Ohio, and Texas agreed to pay nearly $4.5 million to settle allegations it filed false claims by giving sports tickets and other kickbacks to assisted living facilities in exchange for referrals.
Crypto-friendly Silvergate Bank will pay a total of $63 million penalties to California and the Federal Reserve Board to settle charges that its anti-money laundering program failed to properly monitor more than $1 trillion worth of customer transactions.
