Public Hospital

€400,000

Insufficient technical and organisational measures to ensure information security

Dátum rozhodnutia

17. júla 2018

Úrad

Portuguese Data Protection Authority (CNPD)

PT

Sektor

Health Care

Krajina

PT

Právo

GDPR

Stav

FINAL

Popis

Investigation revealed that the hospital’s staff, psychologists, dietitians and other professionals had access to patient data through false profiles. The profile management system appeared deficient – the hospital had 985 registered doctor profiles while only having 296 doctors. Moreover, doctors had unrestricted access to all patient files, regardless of the doctor’s specialty.

Právne citácie

Art. 5 (1)Art. 32

Problémy a porušenia

Insufficient technical and organisational measures to ensure information security
Zobraziť oficiálny dokument
Späť na databázu pokút
Predchádzajúca pokuta
Data Protection Authority of Hamburg - Unknown...
Ďalšia pokuta
Data Protection Authority of Hamburg (HmbBfDI) - C...

Aktualizujte informácie o presadzovaní ochrany osobných údajov

Rešpektujeme vaše súkromie. Jeden e-mail mesačne, žiadny spam, odhlásiť sa môžete kedykoľvek.