Details:
| Summary | The Polish DPA has imposed a fine of EUR 2,120 on the University Hospital of the Medical University of Warsaw. The university hospital had suffered a data breach in which a patient had received a referral from a doctor that contained, among other things, personal data (name, address, etc.) of another patient. The DPA found that neither the doctor nor the hospital informed the patient or the DPA about the data breach. |
| Link: | link link |
| Related articles: | Art. 33 GDPR, Art. 34 GDPR |
| Type: | Insufficient fulfilment of data breach notification obligations |
| Fine: | EUR 2,120 |
| Sector | Health Care |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/