University of Agder
€12,700
Insufficient technical and organisational measures to ensure information security
决定日期
2024年9月4日
权力
Norwegian Supervisory Authority (Datatilsynet)
NO
部门
Public Sector and Education
国家
NO
法律
GDPR现状
FINAL说明
The Norwegian DPA has fined the University of Agder (UiA) EUR 12,700. An employee of UiA had discovered that documents containing personal data of employees, students and external individuals were stored in open Microsoft Teams foldersand that employees with no business need were able to access them. During its investigation, the DPA found that UiA had failed to implement appropriate technical and organisational measures to protect personal data.
法律引文
Art. 32Art. 24
问题与违规
Insufficient technical and organisational measures to ensure information security