Details:
| Summary | The Danish DPA (Datatilsynet) has fined Medicals Nordic I/S EUR 80,700. In January 2021, the DPA became aware that Medicals Nordic was using WhatsApp to transmit confidential information and health data about citizens being tested in the company’s test centres. All employees working in a test centre were invited to a WhatsApp group associated with the test centre. The members of these WhatsApp groups received all the messages transmitted by other employees in the groups. The employees shared confidential information about citizens to the company’s central administration through those WhatsApp groups. This meant that employees who, did not have a work-related need to process information – which other employees had to transmit to the central administration – nevertheless received the information, which included, inter alia, personal identity numbers and health data of citizens. |
| Link: | link |
| Related articles: | Unknown |
| Type: | Non-compliance with general data processing principles |
| Fine: | EUR 80,700 |
| Sector | Health Care |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/