Penalty for erroneous publication of health data

The data protection commissioner of the German state of Baden-Württemberg, Dr. Stefan Brink, confirmed in an interview that, in addition to the fine against knuddels.de, a second, hefty fine was also imposed on a company. Due to a lack of internal control mechanisms, health data were published on the Internet by mistake. Unfortunately, further details are not known.

Source:

Entscheidungsdatum:
12.01.2019

Land:
Germany

Art des Verstoßes:
technical deficiency

Betroffene Datensätze:
unknown

Waren sensible Daten betroffen?:
Yes

verhängte Geldstrafe:
€ 80,000,-

Violation of GDPR Paragraph:

25. Data protection by design and by default
5. Principles relating to personal data processing
6. Lawfulness of processing
9. Processing of special categories of personal data

Quelle:
Esslingen Newspaper