Regione di Veneto (the Controller) – €100,000 Fine (Italy, 2022)
The Veneto Region was fined EUR 100,000 for sharing health workers' personal data without proper consent. They sent lists of unvaccinated workers to doctors without asking first. This case reminds businesses to get consent before sharing personal data.
What happened
The Veneto Region shared lists of unvaccinated health workers with doctors without obtaining prior consent.
Who was affected
Health care workers in the Veneto Region whose vaccination status was shared without their consent.
What the authority found
The Italian authority found that the Veneto Region violated GDPR by sharing personal data without consent.
Why this matters
This case underscores the importance of obtaining consent before sharing personal data, especially in sensitive contexts like health information. It serves as a reminder for organizations to review their data-sharing practices.
GDPR Articles Cited
National Law Articles
The case involved the transmission of personal data of healthcare workers for vaccination purposes, unrelated to cookies or consent mechanisms.
Violations (1)
Non-essential cookies (tracking, advertising) are placed on the user's device before obtaining valid consent.
Art. 6(1) GDPR
Related Enforcement Actions (0)
No other enforcement actions found for Regione di Veneto (the Controller) in IT
This is the only recorded action for this entity in this jurisdiction.
Similar Cases
Enforcement actions with similar violations
Details
Fine Date
6 October 2022
Authority
Garante per la protezione dei dati personali
Fine Amount
€100,000
GDPRhub ID
gdprhub-5555About this data
Cite as: Cookie Fines. Regione di Veneto (the Controller) - Italy (2022). Retrieved from cookiefines.eu
Last updated: