Azienda Socio Sanitaria Territoriale Rhodense
€3,000
Insufficient technical and organisational measures to ensure information security
决定日期
2022年7月21日
权力
Italian Data Protection Authority (Garante)
IT
部门
Health Care
国家
IT
法律
GDPR现状
FINAL说明
The Italian DPA has fined Azienda Socio Sanitaria Territoriale Rhodense EUR 3,000. The healthcare facility had reported the loss of a patient's medical record. The file contained personal data such as surname, first name, gender, date and place of birth, tax number, place of residence, telephone numbers of the data subject. The DPA determined that the incident was caused by a lack of technical and organizational measures to protect personal data at the healthcare facility.
法律引文
Art. 5 (1)Art. 32
问题与违规
Insufficient technical and organisational measures to ensure information security