Policlinico Casilino di Roma (the controller) – €30,000 Fine (Italy, 2022)
Policlinico Casilino di Roma was fined for requiring patients to show a Covid pass to access outpatient services, which lacked a legal basis. The data protection authority found this practice was not supported by health regulations and was disproportionate. This case serves as a reminder that health facilities must ensure their policies comply with legal standards and respect patient rights.
What happened
The hospital required patients to present a Covid pass to access services without a legal basis.
Who was affected
Patients visiting the hospital's outpatient clinics who were asked to show a Covid pass.
What the authority found
The data protection authority found that the hospital's requirement for a Covid pass lacked a legal basis and was disproportionate.
Why this matters
This ruling underscores the need for healthcare providers to align their access policies with legal requirements and avoid unnecessary restrictions. It highlights the importance of respecting patient rights even during public health emergencies.
GDPR Articles Cited
National Law Articles
The case involved the requirement of Covid pass for accessing healthcare services, lacking a proper legal basis, unrelated to cookies or consent mechanisms.
Violations (1)
Non-essential cookies (tracking, advertising) are placed on the user's device before obtaining valid consent.
Art. 6(1) GDPR
Related Enforcement Actions (0)
No other enforcement actions found for Policlinico Casilino di Roma (the controller) in IT
This is the only recorded action for this entity in this jurisdiction.
Similar Cases
Enforcement actions with similar violations
Details
Fine Date
20 October 2022
Authority
Garante per la protezione dei dati personali
Fine Amount
€30,000
GDPRhub ID
gdprhub-5491About this data
Cite as: Cookie Fines. Policlinico Casilino di Roma (the controller) - Italy (2022). Retrieved from cookiefines.eu
Last updated: