The data protection regulator in Denmark has reported the country’s Danske Bank to police following the institution’s failure to delete customers personal information in its IT systems, the bank reported today.

Stored Data

Danske Bank – Denmark’s biggest lender – may also face fines of up to 10 million Danish crowns ($1.48 million) over the slip up, if the Danish Data Protection Agency’s (DPA) recommendations are followed through.

The DPA originally opened the case against Danske Bank in November 2020. In a subsequent statement, Danske Bank said:

“In connection with the debt collection issue, Danske Bank informed the Danish Data Protection Agency (DPA) that it had identified instances of personal data having been stored for longer than necessary.

“As part of that dialogue, Danske Bank also informed the DPA that the issue related to data retention and deletion is broader than the debt collection issue. The DPA has therefore requested more information in this regard.”

At the time of the event’s reporting, Bo Svejstrup, Executive Vice President at CIO Core Banking & Data at Danske Bank, said:

“Our customers’ data is secure. We have, however, identified instances of data having been stored for longer than necessary. That should obviously not have happened, and we are working to solve this issue,”

Following the recent reporting of the breach to the police, Danske Bank has said: 

“The DPA has now informed Danske Bank that it has filed a criminal complaint against the bank for violation of the General Data Protection Regulation (GDPR).”

In response, the DPA has criticised Danske Bank’s failure to “present proper procedures for deleting and storing personal data” in over 400 systems that encompass millions of people.

PrivSec World Forum

Part of the Digital Trust Europe Series - will take place through May, June & July 2022, visiting five major cities; 

Brussels | Stockholm | London | Dublin | Amsterdam

PrivSec World Forum is a two-day, in-person event taking place as part of the Digital Trust Europe series. Data protection, privacy and security are essential elements of any successful organisation’s operational make-up. Getting these things right can improve stakeholder trust and take any company to the next level.

PrivSec World Forum will bring together a range of speakers from world-renowned companies and industries—plus thought leaders and experts sharing case studies and their experiences—so that professionals from across all fields can listen, learn and debate.

FIND OUT MORE 

PrivSec World Forum