Azienda ospedale università di Padova – €75,000 Fine (Italy, 2024)

€75,000Garante per la protezione dei dati personali9 May 2024Italy
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The Italian DPA has imposed a fine of EUR 75,000 on Azienda ospedale università di Padova. During its investigation, the DPA found that employees had accessed patient files without authorization and that the controller did not have appropriate access restrictions in place. This allowed employees to access patient files that were not necessary for their work, e.g. because they were not treating the patients in question.

GDPR Articles Cited

Art. 9 GDPR
Art. 25 GDPR
Art. 32 GDPR
Art. 5(1)(a) GDPR
Italy enforcementGarante per la protezione dei dati personali actionsAll Azienda ospedale università di Padova actions
Full Legal Summary

The Italian DPA has imposed a fine of EUR 75,000 on Azienda ospedale università di Padova. During its investigation, the DPA found that employees had accessed patient files without authorization and that the controller did not have appropriate access restrictions in place. This allowed employees to access patient files that were not necessary for their work, e.g. because they were not treating the patients in question.

Related Enforcement Actions (0)

No other enforcement actions found for Azienda ospedale università di Padova in IT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

9 May 2024

Authority

Garante per la protezione dei dati personali

Fine Amount

€75,000

Enforcement Tracker ID

ETid-2370

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Azienda ospedale università di Padova - Italy (2024). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: