Details:
| Summary | The DPA of Baden-Wuerttemberg has imposed a fine of EUR 2,000 on a clinic employee. The employee had unlawfully accessed a patient administration system in order to find out more about their new neighbor. This not only gave them access to personal details of the data subject, but also to medical information about them. |
| Link: | link |
| Related articles: | Art. 6 GDPR, Art. 9 GDPR |
| Type: | Insufficient legal basis for data processing |
| Fine: | EUR 2,000 |
| Sector | Individuals and Private Associations |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/