Poland
L. Zamenhof University Children's Clinical Hospital in Białystok
15,600 €
GDPR enforcement action by Polish National Personal Data Protection Office (UODO) on 2025-06-30.
Rank · Sector
#115
of 270 in Health Care
Rank · Poland
#42
of 111
Rank · All fines
#1,166
of 3,050
Case details
- Authority
- Polish National Personal Data Protection Office (UODO)
- Date
- 2025-06-30
- Controller / Processor
- L. Zamenhof University Children's Clinical Hospital in Białystok
- Sector
- Health Care
- Quoted Articles
- Art. 5 (2) GDPR, Art. 32 GDPR
- Type of violation
- Insufficient technical and organisational measures to ensure information security
Summary
The Polish DPA has imposed a fine of EUR 15,600 on the L. Zamenhof University Children's Clinical Hospital in Białystok. The controller did not implement sufficient technical and organisational measures to ensure information security, resulting in a ramsomeware attack on its IT systems.
Open original source
Links to the regulator's original publication or another source.
Related fines
Poland
2025-08-26
4,323,250 €
ETid-2840
ING Bank Śląski
Finance, Insurance and Consulting
Poland
2025-07-21
3,955,000 €
ETid-2757
McDonald’s Polska Sp. z o.o.
Employment
Poland
2026-02-05
2,682,000 €
ETid-3063
DPD Polska sp. z o.o.
Transportation and Energy
Poland
2026-02-19
1,393,300 €
ETid-3113
Restaurant Partner Polska
Industry and Commerce
Poland
2022-01-19
1,000,000 €
ETid-1104
Fortum Marketing and Sales Polska S.A.
Transportation and Energy
Poland
2024-08-20
940,000 €
ETid-2457
mBank
Finance, Insurance and Consulting