Coming soon!

Preface

For over two decades, I have been immersed in the ever-evolving world of Information Technology (IT). My journey began in the mid-1990s with programming in dBase V and FoxPro 2.6, eventually leading to my current role as a Cybersecurity Architect. Throughout my career, I have worked extensively with data in various capacities—managing personal, confidential, and sensitive information, usually subject to strict regulatory requirements.

I often say I have touched personal data, sensed its presence within systems, and witnessed its movement across networks. Not just technically, but with a deep understanding of its entire lifecycle. From its creation to secure deletion, data holds both inherent value and vulnerability. Managing it effectively requires not only technical proficiency but also a strong commitment to regulatory compliance.

In those earlier years, personal data was left exposed—kept in unsecured formats, shared openly via email, or stored in databases without encryption or access controls. I refer to this as ‘Naked Data’: personal data that was unprotected, unmasked, and vulnerable to misuse. Sensitive data was visible in plain sight, easily accessible to anyone with minimal effort.

A major turning point arrived in May 2018 with the enforcement of the General Data Protection Regulation (GDPR) in the European Union (EU). Until then, accessing and using personal data was relatively unrestricted. GDPR changed everything—it introduced strict consent requirements, defined individual rights, and made organizations accountable for how they collect, store, and use personal data.

I vividly recall a defining moment during this transition. At a seminar, a speaker emphasized the Danish phrase “Slet, slet, slet,” which still echoes in my mind. “Delete, delete, delete”, it means, if you don’t need any data, just delete it. That simple advice became a guiding principle in my work, helping to reduce risk and improve compliance.

As GDPR reshaped the landscape, I deepened my expertise through research, hands-on experience, and professional training. I also earned a certification in Data Privacy and Technology from Harvard Business School Online, which sharpened my skills and broadened my strategic thinking around data privacy and data protection.

Over time, I became increasingly engaged in Denmark’s personal data breach landscape. Year after year, statistics from the Danish Data Protection Authority (DDPA) painted a troubling trend: personal data breaches were rising, affecting organizations and stakeholders across industries. As I investigated further, I recognized the need for a comprehensive book analyzing these breaches, their causes, and emerging risks.

What began as continuous LinkedIn posts analyzing data breach trends gradually evolved into something more ambitious project. Initially, I planned to publish an independent analysis report focusing only on Part II of this book on personal data breaches in Denmark.
However, I soon realized that by including foundational chapters exploring the broader context of these breaches, a more structured, book-format approach would provide greater value to those seeking to strengthen data privacy and security.

Thus, Personal Data Breaches in Denmark (2018–2025): A Comprehensive Overview was born.

This book is designed for data privacy-conscious individuals, whether you’re new to data protection or have years of experience. It explores GDPR fundamentals within the Danish context, real-world breach analyses, and evolving threats. While I’m not a legal advisor, my expertise in cybersecurity, data privacy, and protection equips me with practical insights to help professionals and organizations navigate this complex landscape.

Understanding the risks is the first step toward protecting personal data. I hope this book provides meaningful insights that empower you to make informed decisions in an increasingly digitized world.