Doctor´s Office

€2,500

Insufficient technical and organisational measures to ensure information security

Otsuse kuupäev

1. jaanuar 2024

Ametiasutus

Data Protection Authority of Hessen

DE

Sektor

Health Care

Riik

DE

Seadus

GDPR

Staatus

FINAL

Kirjeldus

The DPA of Hessen has imposed a fine of EUR 2,500 on a doctor´s office. The controller hired an office manager who worked partly from home. The manager worked with patient files, which he stored at home. However, he did not lock or otherwise secure the files, which resulted in guests and family members having access to them. On one occasion, the manager asked his wife to send him photos of some files via a private messaging service because he had left them in his car, which his wife was using for a long trip.

Õiguslikud viited

Art. 5 (1)Art. 6 (1)Art. 9 (1)Art. 32

Probleemid ja rikkumised

Insufficient technical and organisational measures to ensure information security
Vaata ametlikku dokumenti
Tagasi trahvide andmebaasi juurde
Eelmine trahv
Data Protection Authority of Hessen - Doctor´s Off...
Järgmine trahv
Data Protection Authority of Hamburg (HmbBfDI) - C...

Privaatsuse jõustamise kohta ajakohastatud teave

Me austame teie privaatsust. Üks e-kiri kuus, ei ole rämpsposti, loobuda tellimusest igal ajal.