Physician: Non-compliance with general data processing principles

The Cypriot DPA has imposed a fine of EUR 1,500 on a physician. An individual had filed a complaint with the DPA because the physician had accessed their personal data in a healthcare system, even though the physician had not treated the individual or obtained their consent.

GDPR Articles: Art. 5 (1) a) GDPR
Industry: Health Care