On 10/Mar/2020, Gladsaxe Municipality received a privacy fine of DKK 100,000. The enforcement authority (Danish Data Protection Agency) has cited these legal provisions in imposing the fine on Gladsaxe Municipality: Article 32 GDPR/ GDPR/
|Date of enforcement action:|
|Denmark||DKK 100,000 (US$14,600)|
|Defendant company or entity:||Industry segment:|
|Gladsaxe Municipality||Government /|
In this case, the inadequate security controls of Gladsaxe Municipality caused a serious breach of the personal data security, when a computer containing personal data on 20,620 citizens, including information of sensitive nature and personal identification numbers, was stolen from Gladsaxe City Hall.
A fine was imposed because the computer in question was not protected by encryption, which was considered a reasonable precaution for Gladsaxe Municipality to take given its duties under the GDPR.
The fine represents a value of approximately EUR 0.70 (cents) per individual data subject impacted by the breach.
The situation came to light when Gladsaxe Municipality reported the data breach to the authorities.
(Danish Data Protection Agency)
|Enforcement authority:||Type of enforcement action:|
|Danish Data Protection Agency||Penalty notice|
|Subject to appeal?|
Cite this fine in your work
Data Privacy Fines Index. (2020-03-10 03:51) Gladsaxe Municipality fined DKK 100k. dataprivacyfines.com. Retrieved from https://privacyfines.com/fine/gladsaxe-municipality-fined-dkk-100k/
Entry last updated: 2020-04-11 04:06 GMT.