Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Create an account
Join our community for free to access exclusive whitepapers, reports, and regulatory information.
Sweden: Datainspektionen fines Örebro Health and Medical Board SEK 120,000 for GDPR violations
The Swedish data protection authority ('Datainspektionen') announced, on 12 May 2020, that it had issued a decision ('the Decision') fining the Health and Medical Board of the Region of Örebro County ('the Board') SEK 120,000 (approx. €11,200) for violations of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'), by illegally publishing the sensitive personal data of a patient. In particular, the Datainspektionen found that the Board did not have a legitimate purpose, a legal basis, or an exemption from the prohibition against the handling of sensitive personal data under the GDPR.
You can read the press release here and the Decision here, both available in Swedish.
UPDATE (14 April 2020)
EDPB issues statement on Datainspektionen Örebro Health and Medical Board fine
The European Data Protection Board ('EDPB') issued, on 13 April 2020, a statement ('the Statement') on the Datainspektionen's decision to fine the Örebro Health and Medical Board.
You can read the Statement here.
Send us your Feedback!
Please let us know what you think of DataGuidance! It will only take 60 seconds and help us make the site better for you.
