Enforcement
EN Roma Capitale: Non-compliance with general data processing principles
€176,000 fine - Italian Data Protection Authority (Garante)
Content
The Italian DPA imposed a fine of EUR 176,000 on Roma Capitale. The city had provided data of women who had abortions to the company in charge of the funeral, which included the data on boards placed on the graves of the fetuses. During its investigation, the DPA found that the disclosure of the women's personal data was unlawful, as the related law only provides for the provision of the data of the deceased.
GDPR Articles: Art. 5 (1) a), b), c), d), f) GDPR, Art. 9 GDPR, Art. 28 GDPR, Art. 29 GDPR, Art. 32 GDPR, Art. 2-sexies Codice della privacy, Art. 2-septies Codice della privacy
Industry: Public Sector and Education