Azienda Socio Sanitaria Territoriale Ovest Milanese

€12,000

Non-compliance with general data processing principles

決定日期

2023年7月18日

權限

Italian Data Protection Authority (Garante)

IT

部門

Health Care

國家

IT

法律

GDPR

狀態

FINAL

說明

The Italian DPA has imposed a fine of EUR 12,000 on Azienda Socio Sanitaria Territoriale Ovest Milanese. The controller had suffered data breaches that affected the privacy of several data subjects. For example, a patient's health records were given to the wrong patient. In addition, the controller had sent an email regarding Covid-19 behavior in multiple scelrose patients to 198 recipients, allowing all recipients to openly view the other email addresses. In addition, the controller sent an invitation for a disability assessment to the wrong person.

法律引文

Art. 5 (1)Art. 9Art. 32

問題與違規

Non-compliance with general data processing principles
檢視正式文件
返回罰款資料庫
上一個精細
Italian Data Protection Authority (Garante) - Priv...
下一個精細
Data Protection Authority of Hamburg (HmbBfDI) - C...

保持最新的隱私權執法資訊

我們尊重您的隱私。每月一封電子郵件,無垃圾郵件,可隨時取消訂閱。