Azienda ULSS n.5 Polesana – €5,000 Fine (Italy, 2023)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Italian Data Protection Authority fined Azienda ULSS n.5 Polesana EUR 5,000 for sending a patient's medical record to the wrong person. The authority found that the healthcare facility lacked adequate measures to protect personal data. This case underscores the importance of strong data protection practices in healthcare settings.
What happened
A healthcare facility mistakenly sent a patient's medical record to the wrong patient.
Who was affected
Patients whose medical records were mishandled by the healthcare facility.
What the authority found
The Italian DPA found that the healthcare facility did not have sufficient measures to protect personal data, leading to the fine.
Why this matters
This case highlights the critical need for healthcare providers to implement robust data protection measures to prevent data breaches. It serves as a warning to other organizations about the consequences of inadequate data security practices.
GDPR Articles Cited
The Italian DPA has imposed a fine of EUR 5,000 on Azienda ULSS n.5 Polesana. The healthcare facility had mistakenly sent a patient medical record to the wrong patient. The DPA found that the healthcare facility had not taken sufficient technical and organizational measures to protect personal data, which allowed such an incident to occur.
Related Enforcement Actions (0)
No other enforcement actions found for Azienda ULSS n.5 Polesana in IT
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
26 January 2023
Authority
Garante per la protezione dei dati personali
Fine Amount
€5,000
Enforcement Tracker ID
ETid-1693
About this data
Cite as: Cookie Fines. Azienda ULSS n.5 Polesana - Italy (2023). Retrieved from cookiefines.eu
Last updated: