Medical laboratory

€20,000

Insufficient technical and organisational measures to ensure information security

Datum rozhodnutí

19. srpna 2022

Úřad

Belgian Data Protection Authority (APD)

BE

Sektor

Health Care

Země

BE

Právo

GDPR

Stav

FINAL

Popis

The Belgian DPA imposed a fine of EUR 20,000 on a medical laboratory. During its investigation, the DPA found that the laboratory had failed to conduct a data protection impact assessment and thus violated Art. 35 GDPR. In addition, the laboratory had violated, Art. 5 (1) f) GDPR and Art. 32 GDPR, as it was possible for physicians to view patients' personal data on the website without encryption. Finally, the DPA found that the laboratory had not published a privacy statement on its website, in violation of Art. 12 GDPR, Art. 13 GDPR and Art. 14 GDPR.

Právní citace

Art. 5 (1)Art. 12Art. 13Art. 14Art. 32Art. 35 (1)

Problémy a porušení

Insufficient technical and organisational measures to ensure information security
Zobrazit oficiální dokument
Zpět na databázi pokut
Předchozí Pokuta
French Data Protection Authority (CNIL) - ACCOR SA...
Další Pokuta
Data Protection Authority of Hamburg (HmbBfDI) - C...

Aktualizujte informace o prosazování ochrany osobních údajů

Respektujeme vaše soukromí. Jeden e-mail měsíčně, žádný spam, kdykoli se můžete odhlásit.