Details:

Summary The Italian DPA has imposed a fine of EUR 500 on Comune di Ustica. The municipality had published a document, containing personal data (including health data) of private individuals. In the course of its investigation, the DPA found that the municipality had published the data without a valid legal basis and therefore had acted unlawfully.
Link: link
Related articles:  Art. 5 (1) a), c) GDPR, Art. 6 (1) c), e) GDPR, Art. 6 (2) GDPR, Art. 6 (3) b) GDPR, Art. 9 (1), (2), (4) GDPR, Art. 37 (7) GDPR, Art. 2-ter (1), (3) Codice della privacy, Art. 2-septies (8) Codice della privacy
Type: Non-compliance with general data processing principles
Fine: EUR 500
Sector Public Sector and Education

 

All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/

Tags: case law