Skip to content
Enforcement
EN

Azienda Socio Sanitaria Territoriale Rhodense: Insufficient technical and organisational measures to ensure information security

€3,000 fine - Italian Data Protection Authority (Garante)

€3,000 Fine
Azienda Socio Sanitaria Territoriale Rhodense
ITALY
Insufficient technical and organisational measures to ensure information security

Content

The Italian DPA has fined Azienda Socio Sanitaria Territoriale Rhodense EUR 3,000. The healthcare facility had reported the loss of a patient's medical record. The file contained personal data such as surname, first name, gender, date and place of birth, tax number, place of residence, telephone numbers of the data subject. The DPA determined that the incident was caused by a lack of technical and organizational measures to protect personal data at the healthcare facility.

GDPR Articles: Art. 5 (1) f) GDPR, Art. 32 GDPR
Industry: Health Care