Data protection authority (DPA)

A data protection authority (DPA) is an independent public authority that supervises the application of the data protection law and protects the fundamental rights and freedoms of data subjects related to the processing of Personal data . Each EU Member State has its own DPA.

The primary roles of DPAs in the EU involve:

  • Handling data breach reports.
  • Consistently interpreting and enforcing Data privacy and protection laws across the EU.
  • Offering expert advice to businesses on data protection issues and compliance.
  • Managing complaints from individuals alleging GDPR violations.
  • Interpreting aspects of EU law, particularly regarding GDPR.
  • Managing fines and other noncompliance penalties.
Data controllers

are typically obligated to inform users about their right to lodge a complaint and provide information about the DPA to reach out to.


  • What is protected health information (PHI)? A guide for healthcare marketers

    Quick summary What PHI is: Any individually identifiable health information created, received, maintained, or transmitted by a covered entity or its business associates Who it applies to: Healthcare providers, health plans, healthcare clearinghouses, and their business associates Why it matters for marketing: Marketing tools that collect or transmit PHI without a BAA create HIPAA compliance…

  • We checked 59 hospital websites. 73% kept tracking visitors after opt-out.

    A new study by Piwik PRO and Verified Data scanned 59 major US hospital and clinic websites for tracking and data compliance. The findings show just how common it is for major US healthcare websites to run marketing tools that weren’t built for a regulated environment. What we actually found Across the 59 scanned sites,…