NN Asigurări de Viață S.A.

€1,000

Insufficient technical and organisational measures to ensure information security

Дата на решението

12 май 2023 г.

Орган

Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)

RO

Сектор

Finance, Insurance and Consulting

Държава

RO

Право

GDPR

Статус

FINAL

Описание

The Romanian DPA has imposed a fine of EUR 1,00 on the insurance company NN Asigurări de Viață S.A.. The controller had notified the authority of a data breach pursuant to Art. 33 GDPR. The controller had made a number of technical changes to its systems that allowed some website visitors to access personal data of other individuals. This led to the unauthorized access of personal data such as name, ID card number, email, etc. of two individuals. During its investigation, the DPA found that the controller had failed to take appropriate technical and organizational measures to protect personal data, which facilitated such an incident.

Правни цитати

Art. 32 (1)Art. 32 (2)

Въпроси и нарушения

Insufficient technical and organisational measures to ensure information security
Вижте официалния документ
Обратно към базата данни с глоби
Предишна глоба
Romanian National Supervisory Authority for Person...
Следваща глоба
Data Protection Authority of Hamburg (HmbBfDI) - C...

Бъдете информирани за прилагането на поверителността

Уважаваме поверителността ви. Един имейл на месец, без спам, отпишете се по всяко време.