Medical centers – €510 Fine (Bulgaria, 2019)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Medical centers in Bulgaria were fined for mishandling a patient's personal data when changing his general practitioner. They used software to generate forms that were shared without proper consent. This case highlights the importance of handling sensitive health data carefully.
What happened
Medical centers processed a patient's data without proper legal basis when changing his GP.
Who was affected
A patient whose personal data was shared between medical centers without proper consent.
What the authority found
The Bulgarian authority found that the medical centers unlawfully processed personal data, violating GDPR's requirements for lawful processing.
Why this matters
This case underscores the need for medical centers to ensure they have a valid legal basis for processing sensitive health data. It serves as a reminder to healthcare providers to review their data handling practices to avoid similar penalties.
GDPR Articles Cited
The sanction of 510 EUR was imposed on each medical center for unlawful processing of the personal data of data subject G.B. by a medical centre for the purpose of changing his GP. The medical centre used a software to generate a registration form for change of GP which was submitted to the Regional Health Insurance Fund and then to another medical centre, which subsequently also unlawfully processed the personal data of G.B.
Related Enforcement Actions (0)
No other enforcement actions found for Medical centers in BG
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
8 April 2019
Authority
Commission for Personal Data Protection
Fine Amount
€510
Enforcement Tracker ID
ETid-54
About this data
Cite as: Cookie Fines. Medical centers - Bulgaria (2019). Retrieved from cookiefines.eu
Last updated: