Corporación radiotelevisión espanola
€60,000
Insufficient technical and organisational measures to ensure information security
Ημερομηνία απόφασης
19 Νοεμβρίου 2019
Αρχή
Spanish Data Protection Authority (aepd)
ES
Τομέας
Media, Telecoms and Broadcasting
Χώρα
ES
Νόμος
GDPRΚατάσταση
FINALΠεριγραφή
CORPORACIÓN RADIOTELEVISIÓN ESPAÑOLA and the trade union have reported a security breach to the AEPD after six unencrypted USB sticks containing personal data were lost. The violation affected about 11,000 people, including identification data, employment data, data about criminal convictions and health data.
Νομικές παραπομπές
Art. 32
Θέματα & Παραβάσεις
Insufficient technical and organisational measures to ensure information security