H&M’s $41M GDPR Fine Underscores Importance of Employee Data Handling

Hamburg’s Data Protection Authority has levied Germany’s largest GDPR fine so far in a case relating to H&M’s mishandling of sensitive employee data. The €35.3‑million (about $41.4‑million) fine came after full cooperation by the company and an investigation completed in under a year. Geraldine Scali, a partner at Bryan Cave Leighton Paisner in London, and Dominik Weiss, a partner in the firm’s Hamburg office, shared their insights on the enforcement and compliance implications of the case with us and offered some key lessons. See “GDPR Enforcement Lessons and New ICO Guidance on COVID‑19” (Apr. 22, 2020).

To read the full article

Continue reading your article with a CSLR subscription.