Public Hospital

€400,000

Insufficient technical and organisational measures to ensure information security

Karar Tarihi

17 Temmuz 2018

Otorite

Portuguese Data Protection Authority (CNPD)

PT

Sektör

Health Care

Ülke

PT

Hukuk

GDPR

Durum

FINAL

Açıklama

Investigation revealed that the hospital’s staff, psychologists, dietitians and other professionals had access to patient data through false profiles. The profile management system appeared deficient – the hospital had 985 registered doctor profiles while only having 296 doctors. Moreover, doctors had unrestricted access to all patient files, regardless of the doctor’s specialty.

Yasal Atıflar

Art. 5 (1)Art. 32

Sorunlar & İhlaller

Insufficient technical and organisational measures to ensure information security
Resmi Belgeyi Görüntüle
Para Cezaları Veritabanına Geri Dön
Önceki İnce
Data Protection Authority of Hamburg - Unknown...
Sonraki İnce
Data Protection Authority of Hamburg (HmbBfDI) - C...

Gizlilik Uygulamasından Haberdar Olun

Gizliliğinize saygı duyuyoruz. Ayda bir e-posta, spam yok, istediğiniz zaman abonelikten çıkın.