Aleris Sjukvård AB

€1,463,000

Insufficient technical and organisational measures to ensure information security

Karar Tarihi

3 Aralık 2020

Otorite

Data Protection Authority of Sweden (Integritetsskyddsmyndigheten)

SE

Sektör

Health Care

Ülke

SE

Hukuk

GDPR

Durum

FINAL

Açıklama

The Swedish DPA (Integritetsskyddsmyndigheten) fined Aleris Sjukvård AB SEK 15,000,000 (EUR 1,463,000) for failing to implement adequate technical and organizational measures to ensure information security. It was found that there was no risk analysis regarding the access to patient data. Authorizations for users of the hospital information system TakeCare were not assigned according to the principle of minimum access. This gave users full access to confidential patient data that they did not need for work purposes.

Yasal Atıflar

Art. 5 (1)Art. 5 (2)Art. 32 (1)Art. 32 (2)

Sorunlar & İhlaller

Insufficient technical and organisational measures to ensure information security
Resmi Belgeyi Görüntüle
Para Cezaları Veritabanına Geri Dön
Önceki İnce
Spanish Data Protection Authority (aepd) - Losada ...
Sonraki İnce
Data Protection Authority of Hamburg (HmbBfDI) - C...

Gizlilik Uygulamasından Haberdar Olun

Gizliliğinize saygı duyuyoruz. Ayda bir e-posta, spam yok, istediğiniz zaman abonelikten çıkın.