The supervisory authority RLP imposes a fine of EUR 105,000 after a GDPR violation
The State Commissioner for Data Protection and Freedom of Information Rhineland-Palatinate (LfDI) has imposed a fine of 105,000 euros on a hospital in Rhineland-Palatinate. At the same time, the LfDI welcomes the hospital's robust efforts to sustainably advance and improve its data protection management.
The final fine is based on several violations of the General Data Protection Regulation in connection with a patient mix-up during admission. This resulted in incorrect invoicing and revealed structural, technical and organizational deficits in the hospital's patient management.
The State Commissioner, Prof. Dr. Kugelmann, emphasizes: “The primary goal of the remedial and sanctioning measures is to remedy existing deficits and improve data protection. Fines are one instrument among several. In addition to their sanctioning effect, they always contain a preventive element, in that it becomes clear that grievances are consistently investigated. It is important to me that substantial progress is made with regard to the particular sensitivity of data in health data protection. So I hope that the fine will also be seen as a signal that the data protection supervisory authorities are paying particular attention to the handling of data in the healthcare sector.”
Source: LDA RLP
We’re here to help
To help you avoid GDPR violations and high fines, or to react correctly in an emergency, we are at your disposal as an external data protection officer.
We are also happy to advise your internal data protection officer. Alternatively, we can bring your company up to GDPR-compliant status so that you can then take data protection into your own hands. Find out more on our data protection service page or contact us for your individual offer.
Are you interested in how the amount of a fine is determined in the event of a GDPR violation? We have compiled the most important facts and explained them in a video. You can find it in the relevant blog article.
In the near future, a GDPR fine calculator will also be available on our website.
The ISO/IEC 27001 Auditor / Lead Auditor, with many years of experience in a leading role, acts as a competent point of contact for customers and colleagues in the field of IT and IT security. In addition to years of experience in supporting and managing complex software and IT projects as well as VDI/virtualization and NAC (Network Access Control) solutions, the certified Microsoft specialist Tobias Damasko is also at home in software development. With his extensive knowledge and versatile technical know-how, he enriches customers and the team alike.