Medstar S.R.L. – €2,000 Fine (Romania, 2025)

€2,000Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal20 February 2025Romania
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The Romanian DPA imposed a fine of EUR 2,000 on Medstar S.R.L. The controller had mistakenly sent a patient's health data via unsecured email to another patient. The DPA found that the controller had failed to implement appropriate technical and organizational measures to protect personal data and prevent such an incident.

GDPR Articles Cited

Art. 32 GDPR
Romania enforcementAutoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal actionsAll Medstar S.R.L. actions
Full Legal Summary

The Romanian DPA imposed a fine of EUR 2,000 on Medstar S.R.L. The controller had mistakenly sent a patient's health data via unsecured email to another patient. The DPA found that the controller had failed to implement appropriate technical and organizational measures to protect personal data and prevent such an incident.

Related Enforcement Actions (0)

No other enforcement actions found for Medstar S.R.L. in RO

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

20 February 2025

Authority

Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

Fine Amount

€2,000

Enforcement Tracker ID

ETid-2546

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Medstar S.R.L. - Romania (2025). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: