Germany
Physician
3,600 €
GDPR enforcement action by Data Protection Authority of Hessen on 2023.
Rank · Sector
#201
of 270 in Health Care
Rank · Germany
#81
of 116
Rank · All fines
#1,955
of 3,042
Case details
- Authority
- Data Protection Authority of Hessen
- Date
- 2023
- Controller / Processor
- Physician
- Sector
- Health Care
- Quoted Articles
- Art. 5 (1) f) GDPR, Art. 32 (1) b) GDPR
- Type of violation
- Insufficient technical and organisational measures to ensure information security
Summary
A physician's office had disposed of records containing patient data in a public waste disposal site.
Open original source
Links to the regulator's original publication or another source.
Related fines
Germany
2024
45,000,000 €
ETid-2646
Vodafone GmbH
Media, Telecoms and Broadcasting
Germany
2020-10-01
35,258,708 €
ETid-405
H&M Hennes & Mauritz Online Shop A.B. & Co. KG
Employment
Germany
2024
4,113,486 €
ETid-2638
Unknown
Not assigned
Germany
2019
3,501,000 €
ETid-943
Unknown
Individuals and Private Associations
Germany
2022
2,001,000 €
ETid-1870
Unknown
Individuals and Private Associations
Germany
2022-03-03
1,900,000 €
ETid-1103
BREBAU GmbH
Real Estate