Medical association

€3,000

Insufficient legal basis for data processing

Datum för beslut

9 maj 2024

Myndighet

Italian Data Protection Authority (Garante)

IT

Sektor

Health Care

Land

IT

Lag

GDPR

Status

FINAL

Beskrivning

The Italian DPA has imposed a fine of EUR 3,000 on a medical association. A doctor had filed a complaint because the professional association suspended them for not fulfilling the COVID-19 vaccination obligation and also informed their employer of this. An email from the association requesting notification of the employer was inadvertently sent to other individuals, as a result of which their email addresses and vaccination status became known.

Rättsliga hänvisningar

Art. 5 (1)Art. 6Art. 2

Frågor och överträdelser

Insufficient legal basis for data processing
Visa officiellt dokument
Tillbaka till databasen för böter
Föregående Fine
Italian Data Protection Authority (Garante) - Azzu...
Nästa Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Håll dig uppdaterad om efterlevnaden av sekretessreglerna

Vi respekterar din integritet. Ett e-postmeddelande per månad, ingen skräppost, avsluta prenumerationen när som helst.