Medicover S.R.L. – €1,000 Fine (Romania, 2022)

€1,000Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal24 November 2022Romania
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The Romanian DPA fined Medicover S.R.L. EUR 1,000 for accidentally sending personal data to the wrong person. The company failed to protect sensitive information properly, leading to unauthorized disclosure. This incident shows the need for strong security measures to prevent data breaches.

What happened

Medicover S.R.L. mistakenly sent personal data to the wrong recipient, leading to unauthorized disclosure.

Who was affected

Individuals whose personal and health data were sent to the wrong recipient by Medicover S.R.L.

What the authority found

The Romanian DPA determined that Medicover S.R.L. did not implement adequate security measures to protect personal data, resulting in a breach.

Why this matters

This case serves as a warning to companies about the importance of implementing robust security measures to protect personal data. It highlights the potential consequences of data breaches and the need for careful handling of sensitive information.

GDPR Articles Cited

Art. 32(1)(b) GDPR
Art. 32(2) GDPR
Art. 32(4) GDPR
Romania enforcementAutoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal actionsAll Medicover S.R.L. actions
Full Legal Summary
Detailed

The Romanian DPA has imposed a fine of EUR 1,000 on Medicover S.R.L.. The controller had reported a data breach to the DPA pursuant to Art. 33 GDPR. The controller had inadvertently sent documents containing personal data to the wrong recipient. As a result, personal data such as the data subject's name, correspondence address, e-mail and health data were disclosed without authorization. The DPA determined that the incidents were due to the controller's failure to implement appropriate technical and organizational measures to protect the processing of personal data.

Related Enforcement Actions (0)

No other enforcement actions found for Medicover S.R.L. in RO

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

24 November 2022

Authority

Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

Fine Amount

€1,000

Enforcement Tracker ID

ETid-1501

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Medicover S.R.L. - Romania (2022). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: