Covid 19 Test Lab – €100,000 Fine (Austria, 2024)

€100,000Datenschutzbehörde6 June 2024Austria
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Covid 19 Test Lab was fined €100,000 for not taking adequate security measures to protect personal data, leading to a data breach. The Austrian data protection authority found that the lab also failed to inform affected individuals about the breach. This case underscores the critical need for businesses to have strong data protection practices in place.

What happened

Covid 19 Test Lab failed to implement sufficient security measures, resulting in a data breach and not informing affected individuals.

Who was affected

Individuals whose personal data was compromised in the breach were affected.

What the authority found

The authority ruled that the lab did not take necessary technical and organizational measures to protect personal data, violating GDPR requirements.

Why this matters

This ruling serves as a reminder for businesses to invest in robust data security measures and to communicate transparently with individuals in the event of a data breach.

GDPR Articles Cited

AI-verified

Art. 9(GDPR)
Art. 32(GDPR)
Art. 34(GDPR)
Art. 5(1)(f) GDPR
Art. 28(3) GDPR
View original scraped data
Art. 9(GDPR)
Art. 5(1) f) GDPR
Art. 28(3) GDPR
Art. 32(GDPR)
Art. 34(GDPR)

Original data from scraper before AI verification against source document.

Source verified 10 March 2026
verified correct
Austria enforcementDatenschutzbehörde actionsAll Covid 19 Test Lab actions
Full Legal Summary
Detailed

The Austrian DPA has imposed a fine of EUR 100,000 on a Covid 19 test lab. The controller failed to implement sufficient technical and organisational measures, resulting in a data breach. Furthermore, the controller refused to inform the data subjects of the breach. The DPA also found that the controller processed certain data without a sufficient legal basis, used a processor without the necessary contract, failed to designate a suitable DPO, and failed to report the designation to the DPA.

Related Enforcement Actions (0)

No other enforcement actions found for Covid 19 Test Lab in AT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

6 June 2024

Authority

Datenschutzbehörde

Fine Amount

€100,000

Enforcement Tracker ID

ETid-2771

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Covid 19 Test Lab - Austria (2024). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: