Hospital – €6,900 Fine (Poland, 2024)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A district hospital in Poland was fined EUR 6,900 for not reporting a data breach quickly enough. This is significant because it shows that healthcare providers must act fast when personal data is compromised. Hospitals should have clear procedures for reporting data breaches to protect patient privacy.
What happened
The hospital failed to report a data breach where a patient received another person's medical records.
Who was affected
Patients whose personal data was exposed due to the hospital's delayed reporting.
What the authority found
The Polish authority found that the hospital did not comply with GDPR requirements for timely breach notifications.
Why this matters
This case emphasizes the need for quick action in reporting data breaches. Healthcare providers should ensure they have effective breach response plans.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The Polish DPA has fined a district hospital in Września EUR 6,900 for failing to report a data breach to the DPA and data subjects in a timely manner. A patient had accidentally received another individual's medical records and was able to access their personal data.
Related Enforcement Actions (0)
No other enforcement actions found for Hospital in PL
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
26 November 2024
Authority
Urząd Ochrony Danych Osobowych
Fine Amount
€6,900
Enforcement Tracker ID
ETid-2493
About this data
Cite as: Cookie Fines. Hospital - Poland (2024). Retrieved from cookiefines.eu
Last updated: