Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Create an account
Join our community for free to access exclusive whitepapers, reports, and regulatory information.
Italy: Garante fines Sapienza Università €30,000 for GDPR violations
The Italian data protection authority ('Garante') announced, on 18 February 2020, that it had published, in its monthly newsletter ('the Newsletter'), a decision ('the Decision') fining Sapienza Università di Roma €30,000 for violating Article 32 of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'). In particular, the Decision highlights that Sapienza Università made the identification data of two persons, who had reported possible unlawful conduct to the university, accessible online. In addition, the Decision outlines that the data breach was due to the absence of adequate technical measures for access control within the whisleblowing management system, which would have made it possible to limit consultation to authorised personnel only.
You can read the Newsletter here and the Decision here, both only available in Italian.
Send us your Feedback!
Please let us know what you think of DataGuidance! It will only take 60 seconds and help us make the site better for you.
