Global Business Travel Spain SLU

€5,000

Insufficient technical and organisational measures to ensure information security

Data della decisione

10 luglio 2020

Autorità

Spanish Data Protection Authority (aepd)

ES

Settore

Transportation and Energy

Paese

ES

Legge

GDPR

Stato

FINAL

Descrizione

The fine was preceded by an employee's access to health data of a person concerned. In the course of its investigations, the Data Protection Authority found that Global Business Travel Spain, as data controller, had infringed Article 32(2) and (4) of the GDPR by failing to take adequate technical and organisational measures to protect the data from unauthorised disclosure.

Citazioni legali

Art. 32

Problemi e violazioni

Insufficient technical and organisational measures to ensure information security
Visualizza il documento ufficiale
Torna al database delle multe
Precedente Multa
Spanish Data Protection Authority (aepd) - Vodafon...
Prossima ammenda
Data Protection Authority of Hamburg (HmbBfDI) - C...

Rimanete aggiornati sull'applicazione della privacy

Rispettiamo la vostra privacy. Un'email al mese, niente spam, cancellazione in qualsiasi momento.