Unknown

€19,000

Insufficient fulfilment of data breach notification obligations

Fecha de la decisión

5 de enero de 2021

Autoridad

Polish National Personal Data Protection Office (UODO)

PL

Sector

Not assigned

País

CZ

Ley

GDPR

Estado

FINAL

Descripción

The Polish DPA (UODO) imposed a fine of EUR 19,000 on a hospital operator. A former employee had unlawfully copied the personal data of 100 patients from the hospital's computer network. The leaked data included the social security number, name, date of birth, address and telephone number of the data subjects. Although the controller considered the potential risk to the data subjects to be high, she had not informed the data subjects about the incident. The DPA then requested the controller to immediately inform the data subjects about the incident and provide them with advice on how to minimize the potential negative impact of the breach. However, the controller did not comply with this request.

Citas legales

Art. 34 (1)Art. 58 (2)

Problemas e infracciones

Insufficient fulfilment of data breach notification obligations
Ver documento oficial
Volver a la base de datos de multas
Multa anterior
Polish National Personal Data Protection Office (U...
Siguiente multa
Data Protection Authority of Hamburg (HmbBfDI) - C...

Manténgase al día sobre la aplicación de las normas de protección de la intimidad

Respetamos su intimidad. Un correo electrónico al mes, sin spam, darse de baja en cualquier momento.