Azienda socio sanitaria territoriale di Lodi CF – €40,000 Fine (Italy, 2023)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Azienda socio sanitaria territoriale di Lodi CF was fined €40,000 for improperly accessing a patient's file without a valid reason. This incident shows how important it is for health authorities to protect patient privacy and only access information when necessary. It serves as a warning to other organizations about the consequences of mishandling sensitive data.
What happened
Azienda socio sanitaria territoriale di Lodi CF accessed an employee's medical file without a legal reason.
Who was affected
An employee of the health authority who was also a patient had their medical file accessed.
What the authority found
The Garante found that the health authority violated data protection rules by accessing personal data without justification.
Why this matters
This ruling highlights the serious consequences of unauthorized access to personal data in healthcare. It reminds healthcare providers to enforce strict access controls to protect patient information.
GDPR Articles Cited
The Italian DPA has imposed a fine of ERU 40,000 on the health authority Azienda socio sanitaria territoriale di Lodi CF. Employees of the health authority had accessed the file of another employee, who was also a patient, without a medical reason or any other legal basis.
Related Enforcement Actions (0)
No other enforcement actions found for Azienda socio sanitaria territoriale di Lodi CF in IT
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
12 October 2023
Authority
Garante per la protezione dei dati personali
Fine Amount
€40,000
Enforcement Tracker ID
ETid-2145
About this data
Cite as: Cookie Fines. Azienda socio sanitaria territoriale di Lodi CF - Italy (2023). Retrieved from cookiefines.eu
Last updated: