CEGEDIM SANTÉ – €800,000 Fine (France, 2024)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
CEGEDIM SANTÉ was fined €800,000 for improperly handling customer data by transferring it for research without ensuring it was fully anonymous. This matters because it highlights the importance of protecting user data and following privacy laws. Companies must be careful when sharing data to avoid hefty fines.
What happened
CEGEDIM SANTÉ transferred customer data for research purposes without properly anonymizing it.
Who was affected
Customers whose data was transferred by CEGEDIM SANTÉ for research.
What the authority found
The French data authority found that the data was only pseudonymized, making it possible to re-identify individuals, which violated GDPR rules.
Why this matters
This case emphasizes the need for businesses to ensure that any shared data is truly anonymous. Companies should review their data handling practices to comply with privacy regulations.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The French DPA has imposed a fine of EUR 800,000 on CEGEDIM SANTÉ. The company, which provides software for medical practices, had transferred customer data for research purposes. However, the DPA found that this data was not anonymous but only pseudonymized, making re-identification possible.
Related Enforcement Actions (0)
No other enforcement actions found for CEGEDIM SANTÉ in FR
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
12 September 2024
Authority
Commission Nationale de l'Informatique et des Libertés
Fine Amount
€800,000
Enforcement Tracker ID
ETid-2542
About this data
Cite as: Cookie Fines. CEGEDIM SANTÉ - France (2024). Retrieved from cookiefines.eu
Last updated: