Romania: ANSPDCP fines Telekom Romania €3,000 for inadequate security measures
The National Supervisory Authority for Personal Data Processing ('ANSPDCP') announced, on 11 June 2020, its decision ('the Decision') to fine Telekom Romania Communications SA RON 14,524.2 (approx. €3,000) for its failure to implement sufficient security measures. In particular, the Decision highlights that these inadequate security measures led to unlawful processing of the complainant's data and the use of personal data without verifying its accuracy. Therefore, the Decision outlines that Telekom Romania were fined for violating Article 32 of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'), and orders the implementation of effective mechanisms for identification and protection of data from unauthorised disclosure and unlawful processing to ensure compliance with the GDPR.
You can read the Decision, only available in Romanian, here.