Breiðholt Upper Secondary School
€9,000
Insufficient technical and organisational measures to ensure information security
결정 날짜
2020년 3월 10일
권한
Icelandic data protection authority ('Persónuvernd')
IS
섹터
Public Sector and Education
국가
IS
법률
GDPR상태
FINAL설명
In violation of Art. 32 GDPR, a teacher had sent an e-mail to his students and their parents with an attachment containing data on their well-being, academic performance and social conditions.
법적 인용
Art. 5 (1)Art. 32
문제 및 위반 사항
Insufficient technical and organisational measures to ensure information security