DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

The Netherlands: 440,000 EUR fine for hospital for inadequate authentication and logging

Posted on February 13, 2021February 13, 2021 by Dissent

Demi Rietveld and Richard van Schaik of DLA Piper write:

The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, “Dutch DPA”) has published its decision to impose an administrative fine of EUR 440,000 on Amsterdam  hospital OLVG due to the lack of sufficient measures to prevent access to medical records by unauthorised personnel.

After complaints, the Dutch DPA conducted an investigation, and carried out an audit of the hospital’s information system and investigated, among others, security aspects such as authentication and verification of the logging. After the investigation, the Dutch DPA concluded that OLVG systematically failed to adequately safeguard access to medical records and identified two specific violations with regard to authentication and verification of logging.

Read more on Privacy Matters. I wonder if our OCR would ever take enforcement action like this for the same authentication and logging issues.

 

Related Posts:

  • The Netherlands: almost 5500 data breaches notified in 2016
  • The Dutch Data Protection Authority accidentally…
  • The Dutch Duty to Report Data Leaks
  • 'America may have access to Dutch digital…
  • Dutch hospitals lax on data security

Post navigation

← In: Exclusive: Congress puts personal data of thousands of its supporters at risk, massive security loophole found on its website
Terrorist hackers target Atlassian & Oracle servers →

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • Update: Cardiovascular Consultants Ltd. ransomware attack reportedly affected 500,000 patients, guarantors, and staff
  • Data breach by Addenbrooke’s Hospital reveals patient information
  • Millions of patient scans and health records spilling online thanks to decades-old protocol bug
  • Cybersecurity: Federal Agencies Made Progress, but Need to Fully Implement Incident Response Requirements (GAO Report)
  • Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers
  • CBIZ KA Notice of Data Privacy Incident (Prime Healthcare)
  • Seeking clarification on Maine’s data breach notification statute
  • East River Medical Imaging notifies 605,809 patients of breach

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net