Physician – €5,600 Fine (Spain, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A Spanish doctor was fined €5,600 for using a patient's treatment recordings in advertisements without consent. The Spanish Data Protection Agency found this violated GDPR rules on lawful data processing. This serves as a warning to healthcare providers about the importance of obtaining consent before using patient data for non-medical purposes.
What happened
A physician used a patient's treatment recordings for advertising without obtaining consent.
Who was affected
A patient whose treatment recordings were used in advertisements without their consent.
What the authority found
The agency fined the physician for processing personal data without a valid legal basis, violating GDPR's consent requirements.
Why this matters
This case warns healthcare providers to ensure they have proper consent before using patient data for purposes beyond medical treatment, highlighting the GDPR's strict consent requirements.
GDPR Articles Cited
The Spanish DPA (AEPD) has fined a physician. The physician had used recordings of a patient's treatment for advertising purposes. However, the patient had not consented to this. For this reason, the DPA found that the doctor had processed the data without a valid legal basis. The original fine of EUR 7,000 was reduced to EUR 5,600 due to immediate payment.
Related Enforcement Actions (1)
Other enforcement actions involving Physician in ES
Details
Fine Date
22 April 2022
Authority
Agencia Española de Protección de Datos
Fine Amount
€5,600
Enforcement Tracker ID
ETid-1142
About this data
Cite as: Cookie Fines. Physician - Spain (2022). Retrieved from cookiefines.eu
Last updated: