Skip to content
Enforcement
EN

Poste Vita S.p.a.: Insufficient technical and organisational measures to ensure information security

€80,000 fine - Italian Data Protection Authority (Garante)

€80,000 Fine
Poste Vita S.p.a.
ITALY
Insufficient technical and organisational measures to ensure information security

Content

The Italian DPA has imposed a fine on Poste Vita S.p.a. The controller failed to implement adequate technical and organisational measures to ensure data security. This resulted in a third party successfully tricking an employee into forwarding sensitive personal data, which was then used against the data subject.

GDPR Articles: Art. 5 (1) a), f) GDPR, Art. 33 (1) GDPR
Industry: Finance, Insurance and Consulting