Medical laboratory

€20,000

Insufficient technical and organisational measures to ensure information security

Sprendimo priėmimo data

2022 m. rugpjūčio 19 d.

Institucija

Belgian Data Protection Authority (APD)

BE

Sektorius

Health Care

Šalis

BE

Teisė

GDPR

Statusas

FINAL

Aprašymas

The Belgian DPA imposed a fine of EUR 20,000 on a medical laboratory. During its investigation, the DPA found that the laboratory had failed to conduct a data protection impact assessment and thus violated Art. 35 GDPR. In addition, the laboratory had violated, Art. 5 (1) f) GDPR and Art. 32 GDPR, as it was possible for physicians to view patients' personal data on the website without encryption. Finally, the DPA found that the laboratory had not published a privacy statement on its website, in violation of Art. 12 GDPR, Art. 13 GDPR and Art. 14 GDPR.

Teisinės citatos

Art. 5 (1)Art. 12Art. 13Art. 14Art. 32Art. 35 (1)

Problemos ir pažeidimai

Insufficient technical and organisational measures to ensure information security
Peržiūrėti oficialų dokumentą
Grįžti į baudų duomenų bazę
Ankstesnis Bauda
French Data Protection Authority (CNIL) - ACCOR SA...
Kitas Bauda
Data Protection Authority of Hamburg (HmbBfDI) - C...

Gaukite naujausią informaciją apie privatumo vykdymo užtikrinimą

Gerbiame jūsų privatumą. Vienas el. laiškas per mėnesį, jokių šlamšto, atsisakykite prenumeratos bet kada.