Enforcement
EN Innova Camara: Insufficient technical and organisational measures to ensure information security
€25,000 fine - Italian Data Protection Authority (Garante)
Content
The Italian DPA has imposed a fine of EUR 25,000 on Innova Camara. The controller had suffered a cyber attack in which databases were accessed and malicious files (backdoors) were inserted. During its investigation, the DPA found that the controller had failed to implement appropriate technical and organizational measures to protect personal data in order to prevent such an incident.
GDPR Articles: Art. 5 (1) e), f) GDPR, Ar.t 32 GDPR
Industry: Public Sector and Education