Østfold HF Hospital

€112,000

Insufficient technical and organisational measures to ensure information security

Data da decisão

22 de junho de 2020

Autoridade

Norwegian Supervisory Authority (Datatilsynet)

NO

Setor

Health Care

País

NO

Lei

GDPR

Status

FINAL

Descrição

It was found that Østfold HF Hospital had stored patient data, including sensitive data such as the reason for hospitalisation, during the period 2013-2019 without controlling access to the folders where the data was stored. Datatilsynet therefore decided that the hospital had not taken sufficient technical and organisational measures to protect personal data and was therefore in breach of the GDPR and the Patient Records Act.

Citações legais

Art. 32

Problemas e violações

Insufficient technical and organisational measures to ensure information security
Ver documento oficial
Voltar ao banco de dados de multas
Multa anterior
Spanish Data Protection Authority (aepd) - Comunid...
Próxima multa
Data Protection Authority of Hamburg (HmbBfDI) - C...

Mantenha-se atualizado sobre a aplicação da privacidade

Respeitamos sua privacidade. Um e-mail por mês, sem spam, cancele sua inscrição a qualquer momento.