University College Dublin

€70,000

Insufficient technical and organisational measures to ensure information security

Lēmuma datums

2020. gada 17. decembris

Iestāde

Data Protection Authority of Ireland

IE

Nozare

Public Sector and Education

Valsts

IE

Likums

GDPR

Statuss

FINAL

Apraksts

The Irish DPA (DPC) fined University College Dublin (UCD) EUR 70,000 due to seven personal data breaches. Unauthorized third parties were able to access UCD e-mail accounts, and login credentials for UCD e-mail accounts were posted online. It was found that the controller did not take appropriate technical and organisational measures to protect data security when processing personal data in its email service. In addition, the controller stored certain personal data in an email account in a form that allowed identification of the data subjects for longer than necessary for the purpose for which the personal data were processed. Also, the controller did not notify the DPC of a personal data breach in a timely manner.

Juridiskās atsauces

Art. 5 (1)Art. 32 (1)Art. 33 (1)

Jautājumi un pārkāpumi

Insufficient technical and organisational measures to ensure information security
Skatīt oficiālo dokumentu
Atgriezties pie Naudas sodu datubāzes
Iepriekšējais naudas sods
Italian Data Protection Authority (Garante) - Azie...
Nākamais naudas sods
Data Protection Authority of Hamburg (HmbBfDI) - C...

Atjauniniet informāciju par konfidencialitātes ieviešanu

Mēs respektējam jūsu konfidencialitāti. Viens e-pasts mēnesī, bez surogātpasta, jebkurā laikā varat atteikties no abonēšanas.