Azienda ospedale università di Padova

€75,000

Non-compliance with general data processing principles

決定日期

2024年5月9日

權限

Italian Data Protection Authority (Garante)

IT

部門

Health Care

國家

IT

法律

GDPR

狀態

FINAL

說明

The Italian DPA has imposed a fine of EUR 75,000 on Azienda ospedale università di Padova. During its investigation, the DPA found that employees had accessed patient files without authorization and that the controller did not have appropriate access restrictions in place. This allowed employees to access patient files that were not necessary for their work, e.g. because they were not treating the patients in question.

法律引文

Art. 5 (1)Art. 9Art. 25Art. 32

問題與違規

Non-compliance with general data processing principles
檢視正式文件
返回罰款資料庫
上一個精細
Italian Data Protection Authority (Garante) - Poli...
下一個精細
Data Protection Authority of Hamburg (HmbBfDI) - C...

保持最新的隱私權執法資訊

我們尊重您的隱私。每月一封電子郵件,無垃圾郵件,可隨時取消訂閱。