Hospital

€105,000

Insufficient technical and organisational measures to ensure information security

Decision Date

December 3, 2019

Authority

Data Protection Authority of Rheinland-Pfalz

DE

Sector

Health Care

Country

DE

Law

GDPR

Status

FINAL

Description

The fine is based on several breaches of the GDPR in connection with a patient mix-up at the admission of the patient. This resulted in incorrect invoicing and revealed structural technical and organisational deficits in the hospital's patient management.

Legal Citations

Art. 32

Issues & Violations

Insufficient technical and organisational measures to ensure information security
View Official Document
Back to Fines Database
Previous Fine
Romanian National Supervisory Authority for Person...
Next Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Stay Updated on Privacy Enforcement

We respect your privacy. One email per month, no spam, unsubscribe anytime.