Medical association

€3,000

Insufficient legal basis for data processing

Date de décision

9 mai 2024

Autorité

Italian Data Protection Authority (Garante)

IT

Secteur

Health Care

Pays

IT

Droit

GDPR

Statut

FINAL

Description

The Italian DPA has imposed a fine of EUR 3,000 on a medical association. A doctor had filed a complaint because the professional association suspended them for not fulfilling the COVID-19 vaccination obligation and also informed their employer of this. An email from the association requesting notification of the employer was inadvertently sent to other individuals, as a result of which their email addresses and vaccination status became known.

Citations légales

Art. 5 (1)Art. 6Art. 2

Questions et violations

Insufficient legal basis for data processing
Voir le document officiel
Retour à la base de données des amendes
Précédent Amende
Italian Data Protection Authority (Garante) - Azzu...
Prochaine amende
Data Protection Authority of Hamburg (HmbBfDI) - C...

Restez informé sur l'application de la législation en matière de protection de la vie privée

Nous respectons votre vie privée. Un courriel par mois, pas de spam, désabonnement à tout moment.