Hørsholm Municipality fined DKK 50k

On 10/Mar/2020, Hørsholm Municipality received a privacy fine of DKK 50,000. The enforcement authority (Danish Data Protection Agency) has cited these legal provisions in imposing the fine on Hørsholm Municipality: Article 32 GDPR/ GDPR/

Essentials

Date of enforcement action:
10/Mar/2020
Jurisdiction: Fine imposed:
Denmark Flag for Denmark, which is the jurisdiction taking enforcement action DKK 50,000 (US$7,400)
Defendant company or entity: Industry segment:
Hørsholm Municipality Government /

Case summary

The security breach occurred when an employee from Hørsholm Municipality had his worker computer stolen from his car. The computer contained personal information about approximately 1,600 employees at Hørsholm Municipality , including information of a sensitive nature and information about social security numbers.

The computer was not encrypted, when in the view of the Authority it should have been suitably encrypted to prevent loss or disclosure of personal data.

In its fine size recommendation, the Data Inspectorate has emphasized, among other things, the nature of the infringement (lack of security of processing) and that failure to encrypt the municipality’s computers is a general measure. In addition, emphasis has been placed on the size of municipalities in terms of population and total operating allowance.

(Danish Data Protection Agency)

Applicable legal provisions

Article 32 GDPR / GDPR /

Enforcement information

Enforcement authority: Type of enforcement action:
Danish Data Protection Agency Flag for Denmark, which is the jurisdiction taking enforcement action Penalty notice
Subject to appeal?
Not known

Cite this fine in your work

Data Privacy Fines Index. (2020-03-10 01:27) Hørsholm Municipality fined DKK 50k. dataprivacyfines.com. Retrieved from https://privacyfines.com/fine/horsholm-municipality-fined-dkk-50k/

Entry last updated: 2020-04-12 01:32 GMT.