Details:
Summary | The UK DPA (ICO) has fined the Central Young Men’s Christian Association EUR 8,700. The controller had sent an email to individuals participating in a program for individuals suffering from HIV without using the blind copy option, which made the email addresses of all recipients known to other recipients. 166 individuals could be identified or potentially identified based on their email addresses. From this it could be concluded that these people were probably living with HIV. |
Link: | link link |
Related articles: | Art. 5 (1) f) GDPR, Art. 32 (1), (2) GDPR |
Type: | Insufficient technical and organisational measures to ensure information security |
Fine: | EUR 8,700 |
Sector | Individuals and Private Associations |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/