Ospedaliero-Universitaria Careggi

€80,000

Insufficient technical and organisational measures to ensure information security

Decision date

4 August 2025

Authority

Italian Data Protection Authority (Garante)

IT

Sector

Health Care

Country

IT

Law

GDPR

Status

FINAL

Description

The Italian DPA has imposed a fine of EUR 80,000 on the Ospedaliero-Universitaria Careggi. The controller, a university hospital, used software that allowed medical personnel to search through the data subject's history, even if this was unrelated to the specific medical treatment.

Legal citations

Art. 5 (1), Art. 9, Art. 25, Art. 32

Issues and violations

Insufficient technical and organisational measures to ensure information security
