Karolinska University Hospital of Solna – €390,100 Fine (Sweden, 2020)

€390,100 | Integritetsskyddsmyndigheten | 3 December 2020 | Sweden
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Karolinska University Hospital of Solna was fined over 390,000 euros for not securing patient data properly. The hospital allowed employees to access more information than necessary, risking patient privacy. This case emphasizes the need for strong data protection in hospitals.

What happened

Karolinska University Hospital of Solna did not properly restrict access to patient data, compromising security.

Who was affected

Patients whose confidential data was accessible to employees without a need for such access.

What the authority found

The Swedish DPA found Karolinska University Hospital of Solna violated GDPR by failing to ensure adequate data security and access control.

Why this matters

This decision highlights the importance of implementing strict data access policies in healthcare, encouraging other institutions to review and improve their security measures.

GDPR Articles Cited

AI-verified

Art. 5(1)(f) GDPR
Art. 5(2) GDPR
Art. 32(1) GDPR
Original scraped data (from the scraper, before AI verification against the source document): Art. 5(1)(f) GDPR, Art. 5(2) GDPR, Art. 32(1) GDPR, Art. 32(2) GDPR

Source verified 6 March 2026
articles corrected
Full Legal Summary

The Swedish DPA (Integritetsskyddsmyndigheten) fined Karolinska University Hospital of Solna SEK 4,000,000 (EUR 390,100) for failing to implement adequate technical and organizational measures to ensure information security. It was found that there was no risk analysis regarding the access to patient data. Authorizations for users of the hospital information system TakeCare were not assigned according to the principle of minimum access. This gave users full access to confidential patient data that they did not need for work purposes.

Related Enforcement Actions (0)

No other enforcement actions found for Karolinska University Hospital of Solna in SE

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

3 December 2020

Authority

Integritetsskyddsmyndigheten

Fine Amount

€390,100

Enforcement Tracker ID

ETid-472

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Karolinska University Hospital of Solna - Sweden (2020). Retrieved from cookiefines.eu
