GDPR violation – 1.2 million euros fine!

by Tobias

A data-handling error is set to cost AOK Baden-Württemberg a fine of 1.2 million euros.

Due to a data-handling error in a competition, AOK Baden-Württemberg is to pay a fine of 1.2 million euros. Because the health insurance company misappropriated data from competitions, the state data protection officer in Stuttgart imposed a corresponding penalty on Tuesday. According to him, the AOK had organized competitions for several years in order to win new customers, among other things. Information from the competitions, such as contact details and health insurance membership, was to be used for advertising. However, this is only allowed if the participants explicitly consent.

Data from more than 500 participants was used for advertising purposes.

“However, the measures set by the AOK did not meet the legal requirements,” complained Stefan Brink, the state’s top data protection officer. Personal data of more than 500 participants was used for advertising without their permission. Data of insured persons was not affected. The AOK then quickly set the course for better data protection.

Therefore: pay even more attention to how you handle your customers’ data. Discuss the general procedure for planned advertising measures, customer data selection for newsletters, customer mailings or competitions with your data protection officer, e.g. to avoid possible pitfalls in the wording of the information obligations. Make sure that you always have “Consent to be contacted for promotional purposes” from the customers you contact.



The ISO/IEC 27001 Auditor / Lead Auditor, with many years in a leading role, serves customers and colleagues as a competent point of contact for IT and IT security. Alongside years of experience supporting and managing complex software and IT projects and VDI/virtualization and NAC (network access control) solutions, the certified Microsoft specialist is also at home in software development. With his wide-ranging knowledge and versatile technical know-how, he enriches customers and team alike.