Public Hospital

€400,000

Insufficient technical and organisational measures to ensure information security

Datum odločitve

17. julij 2018

Organ

Portuguese Data Protection Authority (CNPD)

PT

Sektor

Health Care

Država

PT

Zakon

GDPR

Status

FINAL

Opis

Investigation revealed that the hospital’s staff, psychologists, dietitians and other professionals had access to patient data through false profiles. The profile management system appeared deficient – the hospital had 985 registered doctor profiles while only having 296 doctors. Moreover, doctors had unrestricted access to all patient files, regardless of the doctor’s specialty.

Pravne navedbe

Art. 5 (1)Art. 32

Vprašanja in kršitve

Insufficient technical and organisational measures to ensure information security
Oglejte si uradni dokument
Nazaj v zbirko podatkov o globah
Prejšnja globa
Data Protection Authority of Hamburg - Unknown...
Naslednja Drobna
Data Protection Authority of Hamburg (HmbBfDI) - C...

Spremljajte novice o uveljavljanju zasebnosti

Spoštujemo vašo zasebnost. Eno e-poštno sporočilo na mesec, brez neželene pošte, odjava kadar koli.