Physician – €1,500 Fine (Cyprus, 2023)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A physician in Cyprus was fined EUR 1,500 for accessing a patient's personal data without permission. This matters because it highlights the importance of consent in handling sensitive health information. Healthcare providers must ensure they have the right to access patient data.
What happened
The Cypriot DPA fined a physician for accessing a patient's personal data without consent.
Who was affected
The individual whose personal data was accessed without their consent.
What the authority found
The DPA found that the physician lacked a valid legal basis for accessing the patient's data, violating GDPR's requirement for data processing.
Why this matters
This case emphasizes that healthcare professionals must obtain consent before accessing patient data. It serves as a reminder for all businesses to prioritize user consent when handling personal information.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The Cypriot DPA has imposed a fine of EUR 1,500 on a physician. An individual had filed a complaint with the DPA because the physician had accessed their personal data in a healthcare system, even though the physician had not treated the individual or obtained their consent.
Related Enforcement Actions (1)
Other enforcement actions involving Physician in CY
Details
Fine Date
7 December 2023
Authority
Commissioner for Personal Data Protection
Fine Amount
€1,500
Enforcement Tracker ID
ETid-2247
About this data
Cite as: Cookie Fines. Physician - Cyprus (2023). Retrieved from cookiefines.eu
Last updated: