National Center of Addiction Medicine ('SAA')

€20,600

Insufficient technical and organisational measures to ensure information security

Data della decisione

10 marzo 2020

Autorità

Icelandic data protection authority ('Persónuvernd')

IS

Settore

Health Care

Paese

IS

Legge

GDPR

Stato

FINAL

Descrizione

Persónuvernd noted that a former employee of the SAA received boxes of allegedly personal belongings that he had left there, but which also contained patient data, including the health records of 252 former patients and documents with the names of about 3,000 people who had participated in rehabilitation for alcohol and drug abuse.

Citazioni legali

Art. 5 (1)Art. 32

Problemi e violazioni

Insufficient technical and organisational measures to ensure information security
Visualizza il documento ufficiale
Torna al database delle multe
Precedente Multa
Danish Data Protection Authority (Datatilsynet) - ...
Prossima ammenda
Data Protection Authority of Hamburg (HmbBfDI) - C...

Rimanete aggiornati sull'applicazione della privacy

Rispettiamo la vostra privacy. Un'email al mese, niente spam, cancellazione in qualsiasi momento.