Azienda Sanitaria Locale TO4
€8,400
Non-compliance with general data processing principles
Data della decisione
23 maggio 2024
Autorità
Italian Data Protection Authority (Garante)
IT
Settore
Health Care
Paese
IT
Legge
GDPRStato
FINALDescrizione
The Italian DPA has imposed a fine of EUR 8,400 on Azienda Sanitaria Locale TO4. The controller had sent an email containing information on medical treatment plans to several pacients in an open distribution list. This allowed the recipients to view the email addresses of all other recipients, 44 in total.
Citazioni legali
Art. 5 (1)Art. 9
Problemi e violazioni
Non-compliance with general data processing principles