Istituti ospedalieri bergamaschi
€45,000
Insufficient technical and organisational measures to ensure information security
تاريخ القرار
11 فبراير 2021
الهيئة
Italian Data Protection Authority (Garante)
IT
القطاع
Health Care
البلد
IT
القانون
GDPRالحالة
FINALالوصف
The Italian DPA (Garante) has imposed a fine of EUR 45,000 on Istituti ospedalieri bergamaschi. The DPA initiated an investigation against the controller after it reported a data breach to the DPA. A patient had mistakenly received medical records and clinical documentation from seven other patients in his digital medical record.
الاستشهادات القانونية
Art. 5 (1)Art. 9Art. 32
القضايا والانتهاكات
Insufficient technical and organisational measures to ensure information security