Punishment for mistaken publication of health data

The Data Protection Officer of Baden-Württemberg (Germany), Dr. Stefan Brink, confirmed in an interview that in addition to the fine against knuddels.de also a second fine was imposed on a company. Due to a lack of internal control mechanisms, health data was published on the internet by mistake. Further details are not known.

Source:

https://www.esslinger-zeitung.de/region/baden-wuerttemberg_artikel,-eu-datenschutzregeln-machen-viel-arbeit-_arid,2237519.html

Decision data:
12.01.2019

Country:
Germany

Type of Issue:
technical deficiency

Number of involved data records:
unknown

Special category of data involved:
Yes

Fine:
€ 80,000,-

Violation of GDPR Paragraph:

25. Data protection by design and by default
5. Principles relating to personal data processing
6. Lawfulness of processing
9. Processing of special categories of personal data

Reference: