Magdeburg University Hospital – €9,000 Fine (Germany, 2023)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Magdeburg University Hospital was fined €9,000 for not reporting a data breach to the authorities. A former employee had shared personal data from the hospital's systems without permission. This case highlights the importance of promptly reporting data breaches.
What happened
Magdeburg University Hospital failed to report a data breach involving unauthorized data sharing by a former employee.
Who was affected
Patients and individuals whose personal data was unlawfully disclosed by a former hospital employee.
What the authority found
The data protection authority fined the hospital for not reporting the data breach as required under GDPR Article 33.
Why this matters
This case underscores the necessity for organizations to have robust breach reporting procedures. Failing to report breaches can lead to fines, emphasizing the need for compliance with GDPR's reporting requirements.
GDPR Articles Cited
The DPA of Sachsen-Anhalt has imposed a fine of EUR 9,000 on Magdeburg University Hospital. The clinic had failed to report to the DPA a data breach involving a former employee having unlawfully disclosed personal data from the clinic's systems to third parties.
Related Enforcement Actions (0)
No other enforcement actions found for Magdeburg University Hospital in DE
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
1 January 2023
Authority
Bundesbeauftragter für den Datenschutz
Fine Amount
€9,000
Enforcement Tracker ID
ETid-1617
About this data
Cite as: Cookie Fines. Magdeburg University Hospital - Germany (2023). Retrieved from cookiefines.eu
Last updated: