Germany
Hospital
105,000 €
GDPR enforcement action by Data Protection Authority of Rheinland-Pfalz on 2019-12-03.
Rank · Sector
#37
of 270 in Health Care
Rank · Germany
#32
of 116
Rank · All fines
#458
of 3,050
Case details
- Authority
- Data Protection Authority of Rheinland-Pfalz
- Date
- 2019-12-03
- Controller / Processor
- Hospital
- Sector
- Health Care
- Quoted Articles
- Art. 32 GDPR
- Type of violation
- Insufficient technical and organisational measures to ensure information security
Summary
The fine is based on several breaches of the GDPR in connection with a patient mix-up at the admission of the patient. This resulted in incorrect invoicing and revealed structural technical and organisational deficits in the hospital's patient management.
Open original source
Links to the regulator's original publication or another source.
Related fines
Germany
2024
45,000,000 €
ETid-2646
Vodafone GmbH
Media, Telecoms and Broadcasting
Germany
2020-10-01
35,258,708 €
ETid-405
H&M Hennes & Mauritz Online Shop A.B. & Co. KG
Employment
Germany
2024
4,113,486 €
ETid-2638
Unknown
Not assigned
Germany
2019
3,501,000 €
ETid-943
Unknown
Individuals and Private Associations
Germany
2022
2,001,000 €
ETid-1870
Unknown
Individuals and Private Associations
Germany
2022-03-03
1,900,000 €
ETid-1103
BREBAU GmbH
Real Estate