Details:
| Summary | The Romanian DPA has imposed a fine of EUR 5,000 on MED LIFE S.A.. The company had disposed of documents containing sensitive patient data in a publicly accessible garbage can. An individual had found these documents and filed a complaint with the DPA. During its investigation, the DPA found that MED Life had not taken adequate technical and organizational measures to protect personal data and avoid such incidents. |
| Link: | link |
| Related articles: | Art. 32 (1) b), (2), (4) GDPR |
| Type: | Insufficient technical and organisational measures to ensure information security |
| Fine: | EUR 5,000 |
| Sector | Health Care |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/