ESTUDIOS EUROPEOS DE POSTGRADO Y EMPRESA, S.L.

€3,000

Insufficient technical and organisational measures to ensure information security

Otsuse kuupäev

29. juuli 2022

Ametiasutus

Spanish Data Protection Authority (aepd)

ES

Sektor

Public Sector and Education

Riik

ES

Seadus

GDPR

Staatus

FINAL

Kirjeldus

The Spanish DPA has imposed a fine of EUR 3,000 on ESTUDIOS EUROPEOS DE POSTGRADO Y EMPRESA, S.L.. An employee had filed a complaint with the DPA. The employee stated that she had been given access to a company email account when she was hired. However, upon accessing the account, she discovered that the email account was not actually her account, but rather the email account of another employee. Thus, she was able to access all emails sent and received by the other employee. During its investigation, the DPA determined that the controller had not properly configured the account and had therefore breached its duty to implement appropriate technical and organizational measures to protect personal data.

Õiguslikud viited

Art. 5 (1)Art. 32 (1)

Probleemid ja rikkumised

Insufficient technical and organisational measures to ensure information security
Vaata ametlikku dokumenti
Tagasi trahvide andmebaasi juurde
Eelmine trahv
Italian Data Protection Authority (Garante) - Auto...
Järgmine trahv
Data Protection Authority of Hamburg (HmbBfDI) - C...

Privaatsuse jõustamise kohta ajakohastatud teave

Me austame teie privaatsust. Üks e-kiri kuus, ei ole rämpsposti, loobuda tellimusest igal ajal.