Examining Portugal’s GDPR Implementation Statute

Portugal’s Data Protection Authority was an early enforcer of the GDPR, fining a hospital €400,000 for three GDPR violations stemming from excessive access to the hospital’s database in July 2018. One argument the hospital made when opposing that fine was the lack of a national-level law, but that argument will not work going forward – as of August 9, 2019, the Portuguese Data Protection Act (the Act), Law No. 58/2019, will implement the GDPR in that country. Ana Monteiro, an attorney at Caetano de Freitas & Associados in Lisbon, told the Cybersecurity Law Report about the law and notable provisions where the law fills in the GDPR’s gaps. See “Analyzing Early GDPR Enforcement: Portugal and Germany” (Jan. 23, 2019).

To read the full article

Continue reading your article with a CSLR subscription.