Thank you for downloading our free report!
We have sent your free report to the email address you have provided.
Go one step further!
Data protection is serious business, and the medical industry is as concerned by it as any other. Take the example of a hospital in Europe.
FINE OF EUR 460,000 on Dutch Hospital – HAGAZIEKENHUIS for breach of data protection!
The hospital apparently did not have enough internal controls. The incident apparently came to light when a Dutch VIP went there and ‘dozens of hospital staff’, nearly 100, were caught snooping in the person’s records.
According to the DPA, at least two of the Haga’s security measures fell short. First, the hospital didn’t have a way to alert administrators if an unauthorized employee was viewing a file they weren’t supposed to. Without a way to flag the access in real time, there was no way to take action against the malfeasance, the DPA said. Second, the database lacked two-factor authentication, which could have verified the identity of a user with legitimate access to the patient file and then let him or her access it with a code or password.
In addition to the fine, the regulator imposed a penalty of €100,000, due every two weeks up to a maximum of €300,000, if the hospital does not remediate the situation and implement appropriate security measures by 2 October 2019. The hospital can still appeal the decision.
Why not find out more?
Get our additional free report on your liability risks.
The 3 Ways of Approaching your Data Protection Compliance as a Medical Practitioner.
Have questions? Our team is here to help. Call (+230) 2103838 and ask for ROBERTO – Monday to Friday from 8:30 am to 5 pm MUT.