Informatica Alto Adige Spa
€10,000
Insufficient technical and organisational measures to ensure information security
Ngày ra quyết định
23 tháng 3, 2023
Thẩm quyền
Italian Data Protection Authority (Garante)
IT
Ngành
Health Care
Quốc gia
IT
Luật
GDPRTrạng thái
FINALMô tả
The Italian DPA has fined Informatica Alto Adige Spa EUR 10,000. The municipality of Bolzano had reported a data protection breach to the DPA involving unauthorized access to the health data of a number of patients caused by a deficiency in the electronic health record that the municipality had delegated to Informatica Alto Adige Spa. During its investigation, the DPA found that Alto Adige Spa had failed to take appropriate technical and organizational measures to prevent such incidents.
Trích dẫn pháp lý
Art. 5 (1)Art. 32
Vấn đề & Vi phạm
Insufficient technical and organisational measures to ensure information security