Details:
| Summary | The Italian DPA has fined Azienda Sanitaria Locale Frosinone EUR 7,500. In the course of its investigation against the medical facility, the Garante found that their privacy policy showed significant deficiencies. For example, the facility had indicated several purposes for processing the data, but the relevant legal bases for doing so were not always indicated. Those legal bases that were stated were often incorrect or contradictory. In addition, the facility did not provide sufficient information on the storage periods of the collected data. |
| Link: | link |
| Related articles: | Art. 5 (1) a) GDPR, Art. 12 GDPR, Art. 13 GDPR |
| Type: | Insufficient fulfilment of information obligations |
| Fine: | EUR 7,500 |
| Sector | Health Care |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/