The Court declared that Austria had failed to fulfil its obligations, finding, in essence, that a Member State which lays down a regulatory framework under which that authority's managing member is a federal official subject to supervision, whose office is integrated with national government departments, and in respect of which the head of the national government has an unconditional right to information covering all aspects of that authority’s work does not meet the requirement of independence of a supervisory authority, laid down by Directive 95/46 (paragraph 66 and operative part).
This quote emphasizes the necessity for supervisory authorities, such as a hospital's data protection officer, to be free from any supervising influence to maintain independence.