Azienda socio sanitaria locale n. 3 di Nuoro – €13,000 Fine (Italy, 2023)

€13,000Garante per la protezione dei dati personali13 April 2023Italy
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

A health authority in Nuoro was fined for publishing personal health data online without permission. This is important because it shows that even public health organizations must protect personal information and have a valid reason to share it. The case underlines the need for careful handling of sensitive data.

What happened

Azienda socio sanitaria locale n. 3 di Nuoro published an individual's personal and health data online without a valid legal basis.

Who was affected

An individual whose personal and health-related information was published online by the health authority.

What the authority found

The Italian DPA found that the health authority unlawfully published personal data without a valid legal basis.

Why this matters

This case highlights the critical need for public organizations to safeguard personal data and ensure they have a legal basis for sharing it. It serves as a warning to all entities handling sensitive information to review their data protection practices.

GDPR Articles Cited

Art. 5(GDPR)
Art. 6(GDPR)
Art. 9(GDPR)
Art. 2-septies (8) Codice della privacy GDPR
Italy enforcementGarante per la protezione dei dati personali actionsAll Azienda socio sanitaria locale n. 3 di Nuoro actions
Full Legal Summary
Detailed

The Italian DPA has imposed a fine of EUR 13,000 on Azienda socio sanitaria locale n. 3 di Nuoro. An individual had filed a complaint with the DPA because the health authority had published their personal data (date of birth, residence, health-related data) on the internet in the context of a medication request. In the course of its investigation, the DPA found that the controller had published the data without a valid legal basis and therefore had acted unlawfully.

Related Enforcement Actions (0)

No other enforcement actions found for Azienda socio sanitaria locale n. 3 di Nuoro in IT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

13 April 2023

Authority

Garante per la protezione dei dati personali

Fine Amount

€13,000

Enforcement Tracker ID

ETid-1927

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Azienda socio sanitaria locale n. 3 di Nuoro - Italy (2023). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: