Enforcement
EN SC Cntar Tarom SA: Insufficient technical and organisational measures to ensure information security
€5,000 fine - Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)
Content
Unauthorised disclosure of the data of five Tarom passengers due to inadequate technical and organisational measures for secure data processing. Among other things, the company was required to take corrective action, including training its employees and conducting risk assessment procedures.
GDPR Articles: Art. 32 GDPR
Industry: Industry and Commerce