Oslo Municipal Education Department

€120,000

Insufficient technical and organisational measures to ensure information security

Fecha de la decisión

29 de abril de 2019

Autoridad

Norwegian Supervisory Authority (Datatilsynet)

NO

Sector

Public Sector and Education

País

NO

Ley

GDPR

Estado

FINAL

Descripción

Fine for security vulnerabilities in a mobile messaging app developed for use in an Oslo school. The app allows parents and students to send messages to school staff. Due to insufficient technical and organizational measures to protect information security, unauthorized persons were able to log in as authorized users and gain access to personal data about students, legal representatives and employees. The fine has meanwhile been reduced to EUR 120.000, see link

Citas legales

Art. 32

Problemas e infracciones

Insufficient technical and organisational measures to ensure information security
Ver documento oficial
Volver a la base de datos de multas
Multa anterior
Polish National Personal Data Protection Office (U...
Siguiente multa
Data Protection Authority of Hamburg (HmbBfDI) - C...

Manténgase al día sobre la aplicación de las normas de protección de la intimidad

Respetamos su intimidad. Un correo electrónico al mes, sin spam, darse de baja en cualquier momento.