GDPR fine after Facebook posting
A doctor has published excerpts of patient letters and other medical records on Facebook for several months. Viewers were able to identify patient names, diagnoses, medication data, social security numbers and some other data from patients and treating physicians.
The Austrian Data Protection Authority therefore imposed a fine of €600, – on the doctor.
Entscheidungsdatum:
19.10.2020
Land:
Austria
Art des Verstoßes:
Illegal data processing
Betroffene Datensätze:
unknown
Waren sensible Daten betroffen?:
Yes
verhängte Geldstrafe:
€ 600,-
Violation of GDPR Paragraph:
5. Principles relating to personal data processing
9. Processing of special categories of personal data