Menzis (Health Insurance Company) – €50,000 Fine (Netherlands, 2019)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Menzis, a health insurance company, was fined €50,000 because its marketing staff accessed patient data without proper justification. This matters because it highlights the importance of keeping sensitive health information secure and only using it for the right reasons.
What happened
Menzis allowed its marketing team to access patient data, breaching privacy rules.
Who was affected
Patients whose data was accessed by Menzis' marketing staff.
What the authority found
The Dutch authority found that Menzis violated GDPR's purpose limitation principle by allowing unauthorized access to patient data.
Why this matters
This case underscores the need for companies to strictly control who can access sensitive data and for what purposes. Businesses should ensure that only necessary personnel have access to personal information to avoid similar fines.
GDPR Articles Cited
Marketing staff had access to patient data. Among other things, this violated the purpose limitation principle.
Related Enforcement Actions (0)
No other enforcement actions found for Menzis (Health Insurance Company) in NL
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
31 October 2019
Authority
Autoriteit Persoonsgegevens
Fine Amount
€50,000
Enforcement Tracker ID
ETid-154
About this data
Cite as: Cookie Fines. Menzis (Health Insurance Company) - Netherlands (2019). Retrieved from cookiefines.eu
Last updated: