Italian Garante Fines Bank 600,000 Euros for Pre-GDPR Data Breach
Hunton Andrews Kurth writes:
The Italian Data Protection Authority (Garante per la protezione dei dati personali, “Garante”) recently announced that it levied a €600,000 fine on banking institution UniCredit for several violations of the Italian Personal Data Protection Code, in its pre-General Data Protection Regulation (“GDPR”) form.
The sanction was imposed following a data breach that took place between April 2016 and July 2017 that the banking institution notified to the Garante at the end of July 2017.
Read more on Privacy & Information Security Law Blog.