Breiðholt Upper Secondary School
€9,000
Insufficient technical and organisational measures to ensure information security
Дата на решението
10 март 2020 г.
Орган
Icelandic data protection authority ('Persónuvernd')
IS
Сектор
Public Sector and Education
Държава
IS
Право
GDPRСтатус
FINALОписание
In violation of Art. 32 GDPR, a teacher had sent an e-mail to his students and their parents with an attachment containing data on their well-being, academic performance and social conditions.
Правни цитати
Art. 5 (1)Art. 32
Въпроси и нарушения
Insufficient technical and organisational measures to ensure information security