Sweden

The Swedish Data Protection Authority (Sw. Datainspektionen) is the authority with a (general) mandate to supervise compliance with privacy/data protection laws and regulations (exceptions may apply due to particular laws). With reference to the GDPR, the Swedish Data Protection Authority has investigative, corrective and advisory powers, such as inter alia the power to
• Order controllers/processors to provide any information required for the performance of its tasks
• Carry out investigations
• Obtain access to premises
• Issue reprimands due to infringements (or warnings due to likely infringements)
• Impose limitations or bans on the processing of personal data
• Impose (substantial) administrative fines
The supervisory authority’s powers under the brottsdatalag (2018:1177) are similar to those under the GDPR. The Patient Data Act (2008:355) does not contain any rules of its own concerning supervisory powers.