Enforcement
EN Mayor: Insufficient technical and organisational measures to ensure information security
€1,700 fine - Polish National Personal Data Protection Office (UODO)
Content
The Polish DPA has imposed a fine of EUR 1,700 on the mayor of Dobrzyniewo Duże municipality. The mayor had reported a data breach to the DPA pursuant to Art. 33 GDPR. An employee's work computer, which contained personal data, had been stolen. During its investigation, the DPA determined that the data on the computer was not adequately secured and that the municipality had failed to take appropriate technical measures to protect personal data.
GDPR Articles: Art. 5 (1) f) GDPR, Art. 5 (2) GDPR, Art. 25 (1) GDPR, Art. 32 (1), (2) GDPR
Industry: Public Sector and Education