Cyprus
Doctor
14,000 €
GDPR enforcement action by Cypriot Data Protection Commissioner on 2019.
Rank · Sector
#119
of 270 in Health Care
Rank · Cyprus
#12
of 47
Rank · All fines
#1,230
of 3,050
Case details
- Authority
- Cypriot Data Protection Commissioner
- Date
- 2019
- Controller / Processor
- Doctor
- Sector
- Health Care
- Quoted Articles
- Art. 5 GDPR, Art. 6 GDPR
- Type of violation
- Insufficient legal basis for data processing
Summary
A patient complained to the Commissioner that the request for access to her medical file was not satisfied by the hospital because the dossier could not be identified/located by the controller. After investigating the case, an administrative fine of €5,000 was imposed on the hospital.
Open original source
Links to the regulator's original publication or another source.
Related fines
Cyprus
2021-11-12
925,000 €
ETid-909
WS WiSpear Systems Ltd
Industry and Commerce
Cyprus
2019-10-25
70,000 €
ETid-179
LGS Handling Ltd, Louis Travel Ltd, and Louis Aviation Ltd
Employment
Cyprus
2023-11-22
45,000 €
ETid-2144
Open University of Cyprus
Public Sector and Education
Cyprus
2021-03-03
40,000 €
ETid-581
Electricity Authority of Cyprus
Employment
Cyprus
2021-09-06
40,000 €
ETid-830
APOEL FC
Individuals and Private Associations
Cyprus
2021-09-06
40,000 €
ETid-831
AC Omonia
Individuals and Private Associations