Penalty for denied data disclosure

An employee requested data disclosure (see data subject rights) from his employer, a hospital. For this he sent a registered letter to the company. The company ignored the request.

After the complainant filed a complaint with the data protection authority. The hospital issued an opinion. An application for data disclosure had not been attached to the letter. At the hearing, the hospital, unlike the affected, did not participate.

The data protection authority closed the case and imposed a fine of 1,000 lev (about € 500, -) against the company.

Entscheidungsdatum:
22.02.2019

Land:
Bulgaria

Art des Verstoßes:
violated duty to inform

Betroffene Datensätze:
1

Waren sensible Daten betroffen?:
No

verhängte Geldstrafe:
€ 500,-

Violation of GDPR Paragraph:

12. Transparent information, communication and modalities for the exercise of the rights of the data subject
15. Right of access by the data subject

Quelle: