Azienda Socio Sanitaria Territoriale Rhodense
€3,000
Insufficient technical and organisational measures to ensure information security
Ngày ra quyết định
21 tháng 7, 2022
Thẩm quyền
Italian Data Protection Authority (Garante)
IT
Ngành
Health Care
Quốc gia
IT
Luật
GDPRTrạng thái
FINALMô tả
The Italian DPA has fined Azienda Socio Sanitaria Territoriale Rhodense EUR 3,000. The healthcare facility had reported the loss of a patient's medical record. The file contained personal data such as surname, first name, gender, date and place of birth, tax number, place of residence, telephone numbers of the data subject. The DPA determined that the incident was caused by a lack of technical and organizational measures to protect personal data at the healthcare facility.
Trích dẫn pháp lý
Art. 5 (1)Art. 32
Vấn đề & Vi phạm
Insufficient technical and organisational measures to ensure information security