Should breaches of personal data protection provisions, such as the failure to use information clauses, that were identified during an audit be entered in the breach register?

Question

Accepted Answer

ANSWER No, non-compliance with personal data protection provisions, such as missing information clauses, should be recorded in the audit report, not in the breach register. The breach register contains only "personal data breaches", meaning security breaches leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or unauthorized access to personal data.

Should breaches of personal data protection provisions, such as the failure to use information clauses, that were identified during an audit be entered in the breach register?

ANSWER

Read also:

12 March 2026

Kiedy nie zgłaszać naruszenia do UODO? Praktyczna analiza art. 33 RODO

06 March 2026

Za co Prezes UODO nakłada kary – podsumowanie wyników raportu

15 October 2025

Jakie kary za marketing telefoniczny bez zgody? Przykłady decyzji i kwoty

Ranking aplikacji dla sygnalistów

Ochrona sygnalistów - ranking aplikacji