Azienda socio-sanitaria locale n. 1 di Sassari – €4,000 Fine (Italy, 2023)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
An Italian healthcare facility accidentally sent a patient's health data to the wrong person. The Italian data protection authority fined the facility EUR 4,000 for not having enough safeguards to protect personal information. This case highlights the importance of strong data protection measures in healthcare settings.
What happened
A healthcare facility sent a document containing health data to the wrong recipient.
Who was affected
Patients whose health data was mistakenly shared with an unintended recipient.
What the authority found
The authority found that the healthcare facility lacked sufficient technical and organizational measures to protect personal data, violating GDPR requirements.
Why this matters
This case underscores the critical need for healthcare providers to implement robust data protection measures to prevent unauthorized data disclosures. It serves as a reminder that even small mistakes can lead to significant privacy breaches and financial penalties.
GDPR Articles Cited
The Italian DPA has imposed a fine of EUR 4,000 on Azienda socio-sanitaria locale n. 1 di Sassari. The controller had mistakenly sent a document containing health data of the data subject to the wrong recipient. The DPA found that the healthcare facility had not taken sufficient technical and organizational measures to protect personal data.
Related Enforcement Actions (1)
Other enforcement actions involving Azienda socio-sanitaria locale n. 1 di Sassari in IT
Details
Fine Date
23 March 2023
Authority
Garante per la protezione dei dati personali
Fine Amount
€4,000
Enforcement Tracker ID
ETid-1740
About this data
Cite as: Cookie Fines. Azienda socio-sanitaria locale n. 1 di Sassari - Italy (2023). Retrieved from cookiefines.eu
Last updated: