University of Agder
€12,700
Insufficient technical and organisational measures to ensure information security
決定日期
2024年9月4日
權限
Norwegian Supervisory Authority (Datatilsynet)
NO
部門
Public Sector and Education
國家
NO
法律
GDPR狀態
FINAL說明
The Norwegian DPA has fined the University of Agder (UiA) EUR 12,700. An employee of UiA had discovered that documents containing personal data of employees, students and external individuals were stored in open Microsoft Teams foldersand that employees with no business need were able to access them. During its investigation, the DPA found that UiA had failed to implement appropriate technical and organisational measures to protect personal data.
法律引文
Art. 32Art. 24
問題與違規
Insufficient technical and organisational measures to ensure information security