Śląski Uniwersytet Medyczny (Medical University of Silesia)

€5,500

Insufficient fulfilment of data breach notification obligations

Otsuse kuupäev

5. jaanuar 2021

Ametiasutus

Polish National Personal Data Protection Office (UODO)

PL

Sektor

Public Sector and Education

Riik

PL

Seadus

GDPR

Staatus

FINAL

Kirjeldus

The Polish DPA (UODO) imposed a fine of PLN 25,000 (EUR 5,500) on the Medical University of Silesia. In the course of exams held in the form of videoconferences at the end of May 2020, identification of students took place. Once the exam was completed, the recordings of the exams were available not only to the examinees, but also to other people with access to the system. In addition, any outsider could access the records of the examinations and the data of the examined students presented during identification via a direct link. The University failed to report the data breach to the DPA and notify the data subjects.

Õiguslikud viited

Art. 33 (1)Art. 34 (1)

Probleemid ja rikkumised

Insufficient fulfilment of data breach notification obligations
Vaata ametlikku dokumenti
Tagasi trahvide andmebaasi juurde
Eelmine trahv
French Data Protection Authority (CNIL) - Nestor S...
Järgmine trahv
Data Protection Authority of Hamburg (HmbBfDI) - C...

Privaatsuse jõustamise kohta ajakohastatud teave

Me austame teie privaatsust. Üks e-kiri kuus, ei ole rämpsposti, loobuda tellimusest igal ajal.