State Hospital

€5,000

Insufficient fulfilment of data subjects rights

Decision Date

January 1, 2019

Authority

Cypriot Data Protection Commissioner

CY

Sector

Health Care

Country

CY

Law

GDPR

Status

FINAL

Description

A patient complained to the Commissioner that the request for access to her medical file was not satisfied by the hospital because the dossier could not be identified/located by the controller. After investigating the case, an administrative fine of €5,000 was imposed on the hospital.

Legal Citations

Art. 15

Issues & Violations

Insufficient fulfilment of data subjects rights
View Official Document
Back to Fines Database
Previous Fine
Austrian Data Protection Authority (dsb) - Private...
Next Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Stay Updated on Privacy Enforcement

We respect your privacy. One email per month, no spam, unsubscribe anytime.