Omilos Iatriki Diagnosi – Dismissed (Greece, 2024)

On 15 December 2022, a data subject filed a complaint with the Hellenic DPA (HDPA) against a diagnostic centre (the controller). The data subject alleged that after conducting tests at the the controller's facility, an employee communicated the results of her tests to the data subject's father by telephone without her consent. Specifically, she alleged that the employee contacted her father by telephone, informed him of the additional tests that the complainant had to undergo and requested that the data subject call immediately to confirm the additional cost. In the data subject's protest, she claimed that the controller apologized and admitted to the incident by saying "what's done is done, now it's not undone." The controller confirmed that the data subject had undergone examinations at its facility. It claimed that an employee informed her about the data protection policy and that the data subject had completed a form entitled "Declaration of Consent For Sending Results" to send the results by electronic mail using encryption. The controller alleged that the data subject herself provided her telephone number to the employee, and that the employee called that telephone number in order to inform her of additional required tests. The call was answered by the data subject's father, who responded that the data subject was absent and who was asked to inform her that she needed to contact the diagnostic center for her personal matter. The controller argued that no health information was disclosed. With regard to the alleged apology, the controller claimed that there was no admission of the incident and apology, but rather that the situation was handled with courtesy and the data subject was informed of the content of the disputed telephone call. The data subject responded to the controller's allegations and noted that she never stated the specific telephone number to the controller and that her number is different. In response, the controller clarified that the complain