Università Campus Bio-medico di Roma (Polyclinic)

€20,000

Non-compliance with general data processing principles

Otsuse kuupäev

26. oktoober 2020

Ametiasutus

Italian Data Protection Authority (Garante)

IT

Sektor

Public Sector and Education

Riik

IT

Seadus

GDPR

Staatus

FINAL

Kirjeldus

In a data breach notification pursuant to Art. 33 GDPR, the data protection authority found that patients accessing their online medical reports via their smartphones could also access personal health data of 74 other patients. According to the polyclinic, the reason for this was a human error in the integration of two IT systems.

Õiguslikud viited

Art. 5 (2)Art. 9

Probleemid ja rikkumised

Non-compliance with general data processing principles
Vaata ametlikku dokumenti
Tagasi trahvide andmebaasi juurde
Eelmine trahv
Data Protection Authority of Sachsen-Anhalt - Priv...
Järgmine trahv
Data Protection Authority of Hamburg (HmbBfDI) - C...

Privaatsuse jõustamise kohta ajakohastatud teave

Me austame teie privaatsust. Üks e-kiri kuus, ei ole rämpsposti, loobuda tellimusest igal ajal.