BRISTOL LOGISTICS SA
Insufficient technical and organisational measures to ensure information security
決定日
2023年1月12日
権威
Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)
RO
セクター
Transportation and Energy
国名
RO
法律
GDPRステータス
FINAL説明
The Romanian DPA has imposed a fine of EUR 10,000 on BRISTOL LOGISTICS SA. The DPA received a notification from BRISTOL LOGISTICS SA of a personal data breach under Art. 33 GDPR. The notification stated that a binder containing the personnel files of 12 employees had been stolen, which led to unauthorized persons having access to personal data. The DPA considered this to be a violation of Art. 32 GDPR, as the municipality had failed to implement appropriate technical and organizational measures to ensure a level of protection commensurate with the risk.