Covid-19 test center – €16,400 Fine (Germany, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A Covid-19 test center in Germany was fined EUR 16,400 for sending an email with personal data to multiple people using an open distribution list. This mistake exposed private information and was not properly documented, violating privacy rules. Businesses must ensure secure communication methods and keep records of any data breaches.
What happened
The Covid-19 test center sent personal data via email to multiple recipients using an open distribution list.
Who was affected
Individuals whose personal data was shared in the email sent by the test center.
What the authority found
The DPA determined that the test center violated privacy rules by not securing personal data in emails and failing to document the breach.
Why this matters
This case underscores the need for secure data handling practices and thorough documentation of breaches. Companies should use secure methods for sharing personal data and maintain records of any data incidents.
GDPR Articles Cited
The DPA of Hessen has fined a Covid-19 test center EUR 16,400. The controller had sent an e-mail containing personal data to several recipients in an open distribution list. The DPA also found that the controller had failed to adequately document the data breach.
Related Enforcement Actions (2)
Other enforcement actions involving Covid-19 test center in DE
Fine
€16K
Details
Fine Date
1 January 2022
Authority
Bundesbeauftragter für den Datenschutz
Fine Amount
€16,400
Enforcement Tracker ID
ETid-1779
About this data
Cite as: Cookie Fines. Covid-19 test center - Germany (2022). Retrieved from cookiefines.eu
Last updated: