Breiðholt Upper Secondary School
€9,000
Insufficient technical and organisational measures to ensure information security
תאריך ההחלטה
10 במרץ 2020
סמכות
Icelandic data protection authority ('Persónuvernd')
IS
סקטור
Public Sector and Education
מדינה
IS
חוק
GDPRסטטוס
FINALתיאור
In violation of Art. 32 GDPR, a teacher had sent an e-mail to his students and their parents with an attachment containing data on their well-being, academic performance and social conditions.
ציטוטים משפטיים
Art. 5 (1)Art. 32
בעיות והפרות
Insufficient technical and organisational measures to ensure information security