Østfold HF Hospital

€112,000

Insufficient technical and organisational measures to ensure information security

決定日期

2020年6月22日

權限

Norwegian Supervisory Authority (Datatilsynet)

NO

部門

Health Care

國家

NO

法律

GDPR

狀態

FINAL

說明

It was found that Østfold HF Hospital had stored patient data, including sensitive data such as the reason for hospitalisation, during the period 2013-2019 without controlling access to the folders where the data was stored. Datatilsynet therefore decided that the hospital had not taken sufficient technical and organisational measures to protect personal data and was therefore in breach of the GDPR and the Patient Records Act.

法律引文

Art. 32

問題與違規

Insufficient technical and organisational measures to ensure information security
檢視正式文件
返回罰款資料庫
上一個精細
Spanish Data Protection Authority (aepd) - Comunid...
下一個精細
Data Protection Authority of Hamburg (HmbBfDI) - C...

保持最新的隱私權執法資訊

我們尊重您的隱私。每月一封電子郵件,無垃圾郵件,可隨時取消訂閱。