Covid 19 Test Lab

€100,000

Insufficient technical and organisational measures to ensure information security

Decision Date

6 de junho de 2024

Authority

Austrian Data Protection Authority (dsb)

AT

Sector

Health Care

Country

AT

Law

GDPR

Status

FINAL

Description

The Austrian DPA has imposed a fine of EUR 100,000 on a Covid 19 test lab. The controller failed to implement sufficient technical and organisational measures, resulting in a data breach. Furthermore, the controller refused to inform the data subjects of the breach. The DPA also found that the controller processed certain data without a sufficient legal basis, used a processor without the necessary contract, failed to designate a suitable DPO, and failed to report the designation to the DPA.

Legal Citations

Art. 9Art. 5 (1)Art. 28 (3)Art. 32Art. 34

Issues & Violations

Insufficient technical and organisational measures to ensure information security
View Official Document
Back to Fines Database
Previous Fine
Italian Data Protection Authority (Garante) - CA A...
Next Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Stay Updated on Privacy Enforcement

We respect your privacy. One email per month, no spam, unsubscribe anytime.