Romanian DPA imposes new fine for failure to ensure data security


On 8 September 2020, the Romanian DPA announced a fine of EUR 2,000 was imposed on a data controller providing communication services in health care industry for failure to ensure the security of data. The investigation was carried out following a data breach notification

While organizing an online event, the login data of some individuals were transmitted by mistake to other e-mail addresses than those used to create an account into the platform, which led to unauthorized disclosure and access to data.

The full press release is available here (only in Romanian).