Non-Public Health Care Institution

€7,700

Insufficient technical and organisational measures to ensure information security

Datum för beslut

4 augusti 2025

Myndighet

Polish National Personal Data Protection Office (UODO)

PL

Sektor

Health Care

Land

PL

Lag

GDPR

Status

FINAL

Beskrivning

The Polish DPA has imposed a fine of EUR 7,700 on a non-public health care institution. The controller offered home visits by doctors as part of its services. For this purpose, doctors used their private cars and carried patients' health records in them. However, in its risk analysis, the controller failed to take into account the possibility of car theft, resulting in a fine being issued.

Rättsliga hänvisningar

Art. 5 (1)Art. 25 (1)Art. 32 (1)

Frågor och överträdelser

Insufficient technical and organisational measures to ensure information security
Visa officiellt dokument
Tillbaka till databasen för böter
Föregående Fine
Polish National Personal Data Protection Office (U...
Nästa Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Håll dig uppdaterad om efterlevnaden av sekretessreglerna

Vi respekterar din integritet. Ett e-postmeddelande per månad, ingen skräppost, avsluta prenumerationen när som helst.