Medical laboratory

€20,000

Insufficient technical and organisational measures to ensure information security

Tanggal Keputusan

19 Agustus 2022

Wewenang

Belgian Data Protection Authority (APD)

BE

Sektor

Health Care

Negara

BE

Hukum

GDPR

Status

FINAL

Deskripsi

The Belgian DPA imposed a fine of EUR 20,000 on a medical laboratory. During its investigation, the DPA found that the laboratory had failed to conduct a data protection impact assessment and thus violated Art. 35 GDPR. In addition, the laboratory had violated, Art. 5 (1) f) GDPR and Art. 32 GDPR, as it was possible for physicians to view patients' personal data on the website without encryption. Finally, the DPA found that the laboratory had not published a privacy statement on its website, in violation of Art. 12 GDPR, Art. 13 GDPR and Art. 14 GDPR.

Kutipan Hukum

Art. 5 (1)Art. 12Art. 13Art. 14Art. 32Art. 35 (1)

Masalah & Pelanggaran

Insufficient technical and organisational measures to ensure information security
Lihat Dokumen Resmi
Kembali ke Basis Data Denda
Sebelumnya Denda
French Data Protection Authority (CNIL) - ACCOR SA...
Berikutnya Baik
Data Protection Authority of Hamburg (HmbBfDI) - C...

Tetap Terupdate tentang Penegakan Privasi

Kami menghormati privasi Anda. Satu email per bulan, tidak ada spam, berhenti berlangganan kapan saja.