Healthcare facility

€9,200

Insufficient technical and organisational measures to ensure information security

Karar Tarihi

13 Haziran 2024

Otorite

Polish National Personal Data Protection Office (UODO)

PL

Sektör

Health Care

Ülke

PL

Hukuk

GDPR

Durum

FINAL

Açıklama

The Polish DPA has imposed a fine of EUR 9,200 on a healthcare facility. The company suffered a ransomware attack on its systems, resulting in the loss of personal data. During its investigation, the DPA found that the controller had failed to implement appropriate technical and organizational measures to protect personal data in order to prevent such incidents. Furthermore, the controller failed to notify the data subjects about the incident.

Yasal Atıflar

Art. 24 (1)Art. 25 (1)Art. 32 (1)Art. 34 (1)

Sorunlar & İhlaller

Insufficient technical and organisational measures to ensure information security
Resmi Belgeyi Görüntüle
Para Cezaları Veritabanına Geri Dön
Önceki İnce
Spanish Data Protection Authority (aepd) - DQG NOR...
Sonraki İnce
Data Protection Authority of Hamburg (HmbBfDI) - C...

Gizlilik Uygulamasından Haberdar Olun

Gizliliğinize saygı duyuyoruz. Ayda bir e-posta, spam yok, istediğiniz zaman abonelikten çıkın.