Details:
| Summary | The Italian DPA has imposed a fine of ERU 40,000 on the health authority Azienda socio sanitaria territoriale di Lodi CF. Employees of the health authority had accessed the file of another employee, who was also a patient, without a medical reason or any other legal basis. |
| Link: | link |
| Related articles: | Art. 5 (1) a), b), c), f) GDPR, Art. 9 GDPR, Art. 32 GDPR |
| Type: | Non-compliance with general data processing principles |
| Fine: | EUR 40,000 |
| Sector | Health Care |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/