Punishment for mistaken publication of health data
The Data Protection Officer of Baden-Württemberg (Germany), Dr. Stefan Brink, confirmed in an interview that in addition to the fine against knuddels.de also a second fine was imposed on a company. Due to a lack of internal control mechanisms, health data was published on the internet by mistake. Further details are not known.
Source:
Decision data:
12.01.2019
Country:
Germany
Type of Issue:
technical deficiency
Number of involved data records:
unknown
Special category of data involved:
Yes
Fine:
€ 80,000,-
Violation of GDPR Paragraph:
25. Data protection by design and by default
5. Principles relating to personal data processing
6. Lawfulness of processing
9. Processing of special categories of personal data
Reference: