Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Create an account
Join our community for free to access exclusive whitepapers, reports, and regulatory information.
Spain: AEPD fines HM Hospitales €48,000 for GDPR violations
The Spanish data protection authority ('AEPD') issued, on 25 February 2020, a resolution ('the Resolution') in proceedings PS/00187/2019, fining HM Hospitales 1989, S.A. €48,000 for violating Articles 5(1)(a) and 6(1)(a) of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'). In particular, the Resolution outlines that a complainant argued that at the moment of his admission in the hospital he had to fill a form including a checkbox indicating that, in case he did not tick the same, he agreed to the transfer of his data to third parties. In addition, the Resolution highlights that the form provided by HM was not compliant with the GDPR since consent was obtained through the inaction of the data subject. As a consequence, the Resolution imposes a fine of €48,000 against HM.
You can read the Resolution, only available in Spanish, here.
Send us your Feedback!
Please let us know what you think of DataGuidance! It will only take 60 seconds and help us make the site better for you.
