Centric Health Ltd.

€460,000

Non-compliance with general data processing principles

Data della decisione

23 gennaio 2023

Autorità

Data Protection Authority of Ireland

IE

Settore

Health Care

Paese

IE

Legge

GDPR

Stato

FINAL

Descrizione

The Irish DPA has imposed a fine of EUR 460,000 on Centric Health Ltd.. The controller suffered a ransomware attack in which personal data such as name, date of birth and contact details were accessed, altered and destroyed without authorization. Data records of approximately 70,000 people were affected, of which 2,500 were permanently affected. The DPA's investigation found that the healthcare facility had failed to implement adequate technical and organizational measures to protect personal data, which facilitated such an attack.

Citazioni legali

Art. 5 (1)Art. 5 (2)Art. 32 (1)

Problemi e violazioni

Non-compliance with general data processing principles
Visualizza il documento ufficiale
Torna al database delle multe
Precedente Multa
Spanish Data Protection Authority (aepd) - TECNO M...
Prossima ammenda
Data Protection Authority of Hamburg (HmbBfDI) - C...

Rimanete aggiornati sull'applicazione della privacy

Rispettiamo la vostra privacy. Un'email al mese, niente spam, cancellazione in qualsiasi momento.