Dentist
€1,000
Insufficient legal basis for data processing
Határozat dátuma
2023. január 31.
Hatóság
Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)
RO
Szektor
Health Care
Ország
IT
Törvény
GDPRÁllapot
FINALLeírás
The Romanian DPA has fined a dentist EUR 1,000. The controller had published medical information of a patient, such as photos and X-rays, in an article on a medical blog. However, it had failed to obtain the patient's consent before publishing the medical data. Therefore, the DPA found that the controller had unlawfully processed the data.
Jogi hivatkozások
Art. 6 (1)Art. 9 (2)
Kérdések és jogsértések
Insufficient legal basis for data processing