
Data Protection Authority 2026 Focus Audits on Processing Security

Austria DSB News (www.dsb.gv.at)
Detected March 13th, 2026

Summary

The Austrian Data Protection Authority (DSB) announced that its 2026 focus audits will target processing security under Article 32 GDPR. Procedures against selected controllers and processors are scheduled to begin in March 2026; the focus of a second part will be announced in June 2026.

What changed

The Austrian Data Protection Authority (DSB) has announced that its 2026 focus audits will concentrate on the processing security requirements of Article 32 GDPR. This includes the risk assessment and the associated documentation obligations under Article 30 and, where applicable, Article 35. The DSB plans to initiate proceedings against selected controllers and processors in March 2026. A second part of the audit, whose specific focus is to be announced in June 2026, will additionally be combined with a questionnaire from the European Data Protection Board's annual Coordinated Enforcement Framework.

Regulated entities, particularly controllers and processors of personal data in Austria, should prepare for these audits by reviewing and documenting their data processing security measures, risk assessments, and related documentation. While specific deadlines for individual entities are not provided, the initiation of procedures in March 2026 indicates a need for proactive internal review and preparation. Failure to comply with GDPR processing security requirements could lead to scrutiny and potential enforcement actions by the DSB.

What to do next

  1. Review and document compliance with Article 32 GDPR processing security requirements.
  2. Ensure risk assessments and related documentation (Articles 30, 35 GDPR) are up to date.
  3. Prepare for potential audits commencing March 2026.

Source document (simplified)

Announcements of the Data Protection Authority

Information on the 2026 focus audit

The Data Protection Authority is again carrying out focus audits in 2026. The audits take place in two parts:

The first part centres on the requirements for security of processing under Art. 32 GDPR (including the risk assessment and the associated documentation obligations under Art. 30 and, where applicable, Art. 35 GDPR). The initiation of proceedings against selected controllers and processors is planned for March 2026.

The focus of the second part will be announced in June 2026. The second part will additionally be combined with a questionnaire from the European Data Protection Board's annual Coordinated Enforcement Framework.

Analysis generated by AI. Source diff and links are from the original.

Classification

Agency: Various
Compliance deadline: March 1st, 2026 (13 days ago)
Instrument: Notice
Legal weight: Non-binding
Stage: Final
Change scope: Substantive

Who this affects

Applies to: Employers
Geographic scope: Austria

Taxonomy

Primary area: Data Privacy
Operational domain: Compliance
Topics: Cybersecurity Compliance
