Budapest Főváros Kormányhivatala XI. kerületi Hivatalát (11th District Public Health Department of the Government Office of the Capital City Budapest) – €27,700 Fine (Hungary, 2021)

€27,700Nemzeti Adatvédelmi és Információszabadság Hatóság24 March 2021Hungary
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The Budapest Government Office was fined for sending unencrypted health data via email, risking people's privacy. This matters because it shows the need for strong data protection measures, especially for sensitive information. The fine stresses the importance of securing personal data to prevent breaches.

What happened

The Budapest Government Office emailed unencrypted Covid-19 test data, failing to protect sensitive information.

Who was affected

Individuals whose health and contact information were shared without adequate security measures.

What the authority found

The Hungarian Data Protection Authority found that the office failed to implement necessary security measures, violating GDPR requirements.

Why this matters

This case illustrates the critical need for organizations to use encryption and other security measures when handling sensitive data. It serves as a warning to ensure compliance with data protection standards to avoid hefty fines.

GDPR Articles Cited

Art. 32(1)(a) GDPR
Art. 32(2) GDPR
Art. 33(1) GDPR
Art. 34(1) GDPR
Hungary enforcementNemzeti Adatvédelmi és Információszabadság Hatóság actionsAll Budapest Főváros Kormányhivatala XI. kerületi Hivatalát (11th District Public Health Department of the Government Office of the Capital City Budapest) actions
Full Legal Summary
Detailed

The Hungarian DPA (NAIH) has fined the XI District Office of the Government of Budapest EUR 27,700.The controller had emailed health data regarding Covid-19 rapid tests, as well as the contact details of the people tested, to doctors in a single Excel file, unencrypted and without any further measures to ensure confidentiality. The DPA found that the controller had failed to implement technical and organizational measures that ensured the protection of personal data. In addition, the controller failed to inform the DPA and the data subjects about the data violations.

Related Enforcement Actions (0)

No other enforcement actions found for Budapest Főváros Kormányhivatala XI. kerületi Hivatalát (11th District Public Health Department of the Government Office of the Capital City Budapest) in HU

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

24 March 2021

Authority

Nemzeti Adatvédelmi és Információszabadság Hatóság

Fine Amount

€27,700

Enforcement Tracker ID

ETid-666

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Budapest Főváros Kormányhivatala XI. kerületi Hivatalát (11th District Public Health Department of the Government Office of the Capital City Budapest) - Hungary (2021). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: