Court case Ra 2024/04/0408 – Court Ruling (Austria, 2024)

The data subject advanced an appeal to a DPA decision concerning an alleged violation of her fundamental right to privacy, as laid out in [https://www.jusline.at/gesetz/dsg/paragraf/artikel1zu1 Article 1(1) of the Austrian Data Protection Act (Datenschutzgesetz – DSG)]. The initial complaint advanced by the data subject related to the sharing of the data subject´s MRI scans without the data subject´s consent, in the context of a treatment procedure at a rehabilitation centre following a hip operation. At the time of the follow-up treatment, the appellant was seventy-seven years old and suffered from dementia and significant cognitive impairment due to two brain operations in 2018. Therefore, the data subject was unable to provide any information about her medication and previous findings and thus had an authorized representative. A few days after the data subject´s admission to the hospital, the data subject´s authorized representative, a doctor, submitted a bundle of radiological images. One of the MRI scan's radiological images was missing so the medical team of the rehabilitation centre asked the data subject´s authorized representative to send a duplicate. The requested MRI was faxed to the rehabilitation centre by the data subject´s authorized representative on the same day without the consent of the data subject, who only learned of this disclosure verbally from doctors at the rehabilitation center. The data subject advanced a complaint, claiming that, in the case at hand, [https://www.jusline.at/gesetz/dsg/paragraf/artikel1zu1 Article 1(1) of the Austrian Data Protection Act (Datenschutzgesetz – DSG)] was violated. The Administrative Court Holding The Administrative Court dismissed the complaint as unfounded due to the following reasons. First, the Administrative Court found that the data subject´s authorized representative was the controller under Article 4(7) GDPR. Then, it proceeded by considering that, while [https://www.jusline.at/gesetz/dsg/paragra