Company in the medical sector – €25,000 Fine (Austria, 2019)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
An Austrian company in the medical sector was fined €25,000 for not informing people about data processing and failing to appoint a data protection officer. This highlights the importance of transparency and having dedicated personnel for data protection. Companies should ensure compliance with GDPR requirements to avoid penalties.
What happened
A medical company failed to meet information obligations and did not appoint a data protection officer.
Who was affected
Individuals whose data was processed by the medical company without proper information or oversight.
What the authority found
The Datenschutzbehörde imposed a fine due to the company's lack of transparency and failure to appoint a data protection officer.
Why this matters
This case serves as a reminder that companies, especially in sensitive sectors like healthcare, must be transparent about data processing and have a data protection officer. Compliance with GDPR is crucial to avoid fines.
GDPR Articles Cited
The (none-final) fine was imposed on a company in the medical sector for non-compliance with information obligations and for not appointing a data protection officer. Update: The original fine of EUR 50,000 was reduced to EUR 25,000 by the Austrian Federal Administrative Court.
Related Enforcement Actions (0)
No other enforcement actions found for Company in the medical sector in AT
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
1 August 2019
Authority
Datenschutzbehörde
Fine Amount
€25,000
Enforcement Tracker ID
ETid-68
About this data
Cite as: Cookie Fines. Company in the medical sector - Austria (2019). Retrieved from cookiefines.eu
Last updated: