Azienda Usl Toscana Sud Est. – €20,000 Fine (Italy, 2023)

€20,000Garante per la protezione dei dati personali1 June 2023Italy
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Azienda Usl Toscana Sud Est was fined EUR 20,000 for displaying a poster in an emergency room that showed a patient's personal and health data. This breach of privacy rules highlights the importance of safeguarding personal information, especially sensitive health data, in public spaces.

What happened

A healthcare provider displayed a poster with visible personal and health data of a patient in an emergency room.

Who was affected

Patients whose personal and health data were exposed on the poster in the emergency room.

What the authority found

The Italian data protection authority found the healthcare provider violated GDPR by not protecting personal data and displaying it publicly.

Why this matters

This case underscores the need for healthcare providers to ensure that personal data is not exposed in public areas, emphasizing the importance of data protection practices in medical settings.

GDPR Articles Cited

Art. 9 GDPR
Art. 2-septies (8) Codice della privacy GDPR
Art. 5(1)(a) GDPR
Art. 25(1) GDPR
Italy enforcementGarante per la protezione dei dati personali actionsAll Azienda Usl Toscana Sud Est. actions
Full Legal Summary
Detailed

The Italian DPA has imposed a fine of EUR 20,000 against Azienda Usl Toscana Sud Est. The controller had put up an information poster in the emergency room showing a healthcare professional at a computer, on which an emergency protocol with the personal data (including health data) of a data subject was visible. In response to a request from the DPA, the healthcare provider explained that the publication of the data was due to mere inattention and that the poster had only been displayed for a few weeks.

Related Enforcement Actions (0)

No other enforcement actions found for Azienda Usl Toscana Sud Est. in IT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

1 June 2023

Authority

Garante per la protezione dei dati personali

Fine Amount

€20,000

Enforcement Tracker ID

ETid-2000

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Azienda Usl Toscana Sud Est. - Italy (2023). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: