Informatica Alto Adige Spa

€10,000

Insufficient technical and organisational measures to ensure information security

Decision Date

March 23, 2023

Authority

Italian Data Protection Authority (Garante)

IT

Sector

Health Care

Country

IT

Law

GDPR

Status

FINAL

Description

The Italian DPA has fined Informatica Alto Adige Spa EUR 10,000. The municipality of Bolzano had reported a data protection breach to the DPA involving unauthorized access to the health data of a number of patients caused by a deficiency in the electronic health record that the municipality had delegated to Informatica Alto Adige Spa. During its investigation, the DPA found that Alto Adige Spa had failed to take appropriate technical and organizational measures to prevent such incidents.

Legal Citations

Art. 5 (1)Art. 32

Issues & Violations

Insufficient technical and organisational measures to ensure information security
View Official Document
Back to Fines Database
Previous Fine
Italian Data Protection Authority (Garante) - Bolz...
Next Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Stay Updated on Privacy Enforcement

We respect your privacy. One email per month, no spam, unsubscribe anytime.