BRISTOL LOGISTICS SA
Insufficient technical and organisational measures to ensure information security
决定日期
2023年1月12日
权力
Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)
RO
部门
Transportation and Energy
国家
RO
法律
GDPR现状
FINAL说明
The Romanian DPA has imposed a fine of EUR 10,000 on BRISTOL LOGISTICS SA. The DPA received a notification from BRISTOL LOGISTICS SA of a personal data breach under Art. 33 GDPR. The notification stated that a binder containing the personnel files of 12 employees had been stolen, which led to unauthorized persons having access to personal data. The DPA considered this to be a violation of Art. 32 GDPR, as the municipality had failed to implement appropriate technical and organizational measures to ensure a level of protection commensurate with the risk.