Casa di cura Fondazione Gaetano e Piera Borghi s.r.l.

€30,000

Insufficient technical and organisational measures to ensure information security

Data decyzji

2 grudnia 2021

Władza

Italian Data Protection Authority (Garante)

IT

Sektor

Health Care

Kraj

IT

Prawo

GDPR

Status

FINAL

Opis

The Italian DPA (Garante) has fined Casa di cura Fondazione Gaetano e Piera Borghi s.r.l. EUR 30,000. The nursing home notified the DPA of a data breach pursuant to Art. 33 GDPR. The facility had suffered a cyber attack by a hacker who gained access to personal data and published it. This included publishing radiological images of patients on his Twitter account. The DPA's investigation revealed that the home had only secured the data with simple passwords. For this reason, the DPA found that the home had failed to implement appropriate technical and organizational measures to ensure a level of protection commensurate with the risk.

Cytaty prawne

Art. 5 (1)Art. 32

Problemy i naruszenia

Insufficient technical and organisational measures to ensure information security
Zobacz oficjalny dokument
Powrót do bazy danych grzywien
Previous Fine
Italian Data Protection Authority (Garante) - Soci...
Next Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Bądź na bieżąco z egzekwowaniem przepisów dotyczących prywatności

Szanujemy Twoją prywatność. Jeden e-mail miesięcznie, bez spamu, zrezygnuj z subskrypcji w dowolnym momencie.