Lazio Region

€100,000

Insufficient legal basis for data processing

Határozat dátuma

2022. december 1.

Hatóság

Italian Data Protection Authority (Garante)

IT

Szektor

Health Care

Ország

IT

Törvény

GDPR

Állapot

FINAL

Leírás

The Italian DPA has fined Lazio Region EUR 100,000. A trade union had filed a complaint with the DPA alleging that the Region had monitored the e-mail accounts of employees of the Region's legal department. The Region had initiated such monitoring on suspicion of possible disclosure of information protected by official secrecy to third parties. The Region stored and analyzed the employees' data for 180 days. The data included not only information related to work, but also personal data of the data subjects concerning their private sphere. During its investigation, the DPA found that the Region at the time did not have a valid legal basis for such a large-scale collection of personal data.

Jogi hivatkozások

Art. 5 (1)Art. 6Art. 113Art. 114

Kérdések és jogsértések

Insufficient legal basis for data processing
Hivatalos dokumentum megtekintése
Vissza a bírságok adatbázisába
Előző Fine
Polish National Personal Data Protection Office (U...
Következő Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Maradjon naprakész az adatvédelem érvényesítésével kapcsolatban

Tiszteletben tartjuk a magánéletét. Havonta egy e-mail, nincs spam, bármikor leiratkozhat.