Europejska Rada Ochrony Danych, One-Stop-Shop case digest on Security of Processing and Data Breach Notification

27 November 2023

One-Stop-Shop case digest on Security of Processing and Data Breach Notification

1. Scope and methodology

This report analyses the decisions adopted by Supervisory Authorities (SAs) pursuant to Article 60 GDPR under the One Stop Shop mechanism in the field of security of personal data processing and personal data breaches. The dataset was extracted from the register of final one stop shop decisions made publicly available online by the European Data Protection Board (EDPB). The register was consulted between 10 July and 31 August 2023.

The relevant decisions were initially filtered using the search engine on the EDPB website by setting Article 32 GDPR as the main legal reference. The 62 selected decisions were then analysed to identify the most significant ones. The same process was adopted regarding Articles 33 GDPR and 34GDPR. The search returned 54 cases for the former and 38 cases for the latter. As, due to the nature of these Articles, they were often found in the...