L. Zamenhof University Children's Clinical Hospital in Białystok

€15,600

Insufficient technical and organisational measures to ensure information security

Decision Date

30 de junho de 2025

Authority

Polish National Personal Data Protection Office (UODO)

Sector

Health Care

Country

Law

GDPR

Status

FINAL

Description

The Polish DPA has imposed a fine of EUR 15,600 on the L. Zamenhof University Children's Clinical Hospital in Białystok. The controller did not implement sufficient technical and organisational measures to ensure information security, resulting in a ramsomeware attack on its IT systems.