Covid-19 test center

€2,700

Insufficient technical and organisational measures to ensure information security

Karar Tarihi

1 Ocak 2022

Otorite

Data Protection Authority of Hamburg

DE

Sektör

Health Care

Ülke

DE

Hukuk

GDPR

Durum

FINAL

Açıklama

The DPA of Hamburg has imposed a fine of EUR 2,700 on a Covid-19 test center. The test center had send the data subjects an unencrypted e-mail containing a URL that allowed them to access the test result without taking any further security measures. In some cases, the download link was structured in a way that led to the download of a PDF file with the file name corresponding to the last name of the person tested. With knowledge of the directory path, it was therefore possible to view third-party test results.

Yasal Atıflar

Art. 32 (1)

Sorunlar & İhlaller

Insufficient technical and organisational measures to ensure information security
Resmi Belgeyi Görüntüle
Para Cezaları Veritabanına Geri Dön
Önceki İnce
Data Protection Authority of Hamburg - Covid-19 te...
Sonraki İnce
Data Protection Authority of Hamburg (HmbBfDI) - C...

Gizlilik Uygulamasından Haberdar Olun

Gizliliğinize saygı duyuyoruz. Ayda bir e-posta, spam yok, istediğiniz zaman abonelikten çıkın.