Public Hospital

€400,000

Insufficient technical and organisational measures to ensure information security

Data deciziei

17 iulie 2018

Autoritatea

Portuguese Data Protection Authority (CNPD)

PT

Sector

Health Care

Țara

PT

Legea

GDPR

Statut

FINAL

Descriere

Investigation revealed that the hospital’s staff, psychologists, dietitians and other professionals had access to patient data through false profiles. The profile management system appeared deficient – the hospital had 985 registered doctor profiles while only having 296 doctors. Moreover, doctors had unrestricted access to all patient files, regardless of the doctor’s specialty.

Citări juridice

Art. 5 (1)Art. 32

Probleme și încălcări

Insufficient technical and organisational measures to ensure information security
Vezi documentul oficial
Înapoi la baza de date a amenzilor
Amenda anterioară
Data Protection Authority of Hamburg - Unknown...
Următoarea amendă
Data Protection Authority of Hamburg (HmbBfDI) - C...

Rămâneți la curent cu aplicarea normelor de confidențialitate

Îți respectăm confidențialitatea. Un e-mail pe lună, fără spam, dezabonare oricând.