personnel plan according to vaccination status
An unidentified company has been cited for inappropriate handling of its employees’ health information in regards to the Corona pandemic. The company collected information on the vaccination status of its employees and, with the influence of the vaccination status, created an personnel plan in which a color system showed which vaccination protection was present in which room. A fine of EUR 20,000 was imposed due to the negligent processing of sensitive health data. The company was obliged to delete the data immediately.
Entscheidungsdatum:
31.12.2022
Land:
Germany
Art des Verstoßes:
Illegal data processing
Betroffene Datensätze:
unknown
Waren sensible Daten betroffen?:
Yes
verhängte Geldstrafe:
€ 20,000,-
Violation of GDPR Paragraph:
6. Lawfulness of processing
9. Processing of special categories of personal data