Details:
| Summary | The Polish DPA has imposed a fine of EUR 23,000 on the Polish Minister of Health. The controller had accessed information via a database relating to a physician who had prescribed themselves psychotropic drugs and then later published this information on a social network. |
| Link: | link |
| Related articles: | Art. 25 (1) GDPR, Art. 32 (1), (2) GDPR, Art. 34 (2) GDPR |
| Type: | Insufficient technical and organisational measures to ensure information security |
| Fine: | EUR 23,000 |
| Sector | Health Care |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/