Azienda sanitaria provinciale di Caltanissetta – €6,000 Fine (Italy, 2022)

€6,000Garante per la protezione dei dati personali10 March 2022Italy
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Azienda sanitaria provinciale di Caltanissetta was fined €6,000 for sending emails to the wrong address and not properly handling a data access request. They also failed to update their data protection officer's contact information. This shows the importance of respecting user requests and keeping contact details current.

What happened

Azienda sanitaria provinciale di Caltanissetta sent communications to a business email instead of a personal one and mishandled a data access request.

Who was affected

Individuals who requested specific email communications and access to their data.

What the authority found

The Italian DPA found the healthcare facility did not comply with user requests for communication and data access, and failed to update their data protection officer's contact details.

Why this matters

This case emphasizes the need for businesses to respect user communication preferences and ensure accurate contact information for data protection officers. It serves as a reminder to comply with data access requests promptly.

GDPR Articles Cited

Art. 2-ter Codice della privacy GDPR
Art. 5(GDPR)
Art. 6(GDPR)
Art. 12(GDPR)
Art. 15(GDPR)
Art. 37(GDPR)
Italy enforcementGarante per la protezione dei dati personali actionsAll Azienda sanitaria provinciale di Caltanissetta actions
Full Legal Summary
Detailed

The Italian DPA has fined Azienda sanitaria provinciale di Caltanissetta EUR 6,000. The data subject had asked the controller, in the context of legal proceedings, to send any communication regarding this matter only to their personal email inbox. Nevertheless, the controller had sent communications to the data subject's business email address. In addition, the data subject had requested access to their data. However, the controller did not properly comply with this request. In the course of its investigation, the DPA also found that the health care facility had failed to notify the DPA of the name and contact details of a new data protection officer and to update them on its website.

Related Enforcement Actions (0)

No other enforcement actions found for Azienda sanitaria provinciale di Caltanissetta in IT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

10 March 2022

Authority

Garante per la protezione dei dati personali

Fine Amount

€6,000

Enforcement Tracker ID

ETid-1131

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Azienda sanitaria provinciale di Caltanissetta - Italy (2022). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: