Istituti ospedalieri bergamaschi – €45,000 Fine (Italy, 2021)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A hospital group in Italy was fined €45,000 after a patient received medical records of seven other patients by mistake. This breach shows the critical need for hospitals to secure patient data and prevent unauthorized access. It serves as a reminder for healthcare providers to strengthen their data protection practices.
What happened
A patient received medical records of seven other patients due to a data breach.
Who was affected
Patients whose medical records were mistakenly shared with another patient.
What the authority found
The Italian DPA found the hospital group violated GDPR by failing to protect patient data adequately.
Why this matters
This case emphasizes the importance for healthcare providers to implement robust data protection measures to safeguard patient information and prevent similar breaches.
GDPR Articles Cited
The Italian DPA (Garante) has imposed a fine of EUR 45,000 on Istituti ospedalieri bergamaschi. The DPA initiated an investigation against the controller after it reported a data breach to the DPA. A patient had mistakenly received medical records and clinical documentation from seven other patients in his digital medical record.
Related Enforcement Actions (0)
No other enforcement actions found for Istituti ospedalieri bergamaschi in IT
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
11 February 2021
Authority
Garante per la protezione dei dati personali
Fine Amount
€45,000
Enforcement Tracker ID
ETid-625
About this data
Cite as: Cookie Fines. Istituti ospedalieri bergamaschi - Italy (2021). Retrieved from cookiefines.eu
Last updated: