National Center of Addiction Medicine ('SAA')

€20,600

Insufficient technical and organisational measures to ensure information security

Datum der Entscheidung

10. März 2020

Behörde

Icelandic data protection authority ('Persónuvernd')

IS

Sektor

Health Care

Land

IS

Recht

GDPR

Status

FINAL

Beschreibung

Persónuvernd noted that a former employee of the SAA received boxes of allegedly personal belongings that he had left there, but which also contained patient data, including the health records of 252 former patients and documents with the names of about 3,000 people who had participated in rehabilitation for alcohol and drug abuse.

Juristische Zitate

Art. 5 (1)Art. 32

Probleme und Verstöße

Insufficient technical and organisational measures to ensure information security
Offizielles Dokument anzeigen
Zurück zur Bußgelddatenbank
Vorherige Geldstrafe
Danish Data Protection Authority (Datatilsynet) - ...
Nächste Geldstrafe
Data Protection Authority of Hamburg (HmbBfDI) - C...

Bleiben Sie auf dem Laufenden über die Durchsetzung des Datenschutzes

Wir respektieren Ihre Privatsphäre. Eine E-Mail pro Monat, kein Spam, jederzeit abbestellbar.