Punishment for mistaken publication of health data

The Data Protection Officer of Baden-Württemberg (Germany), Dr. Stefan Brink, confirmed in an interview that in addition to the fine against knuddels.de also a second fine was imposed on a company. Due to a lack of internal control mechanisms, health data was published on the internet by mistake. Further details are not known.

Source:

https://www.esslinger-zeitung.de/region/baden-wuerttemberg_artikel,-eu-datenschutzregeln-machen-viel-arbeit-_arid,2237519.html

Entscheidungsdatum:
12.01.2019

Land:
Germany

Art des Verstoßes:
technical deficiency

Betroffene Datensätze:
unknown

Waren sensible Daten betroffen?:
Yes

verhängte Geldstrafe:
€ 80,000,-

Violation of GDPR Paragraph:

25. Data protection by design and by default
5. Principles relating to personal data processing
6. Lawfulness of processing
9. Processing of special categories of personal data

Quelle: