GDPRTechnology

Company Specialized in the Publishing and Sale of Management Software to Doctors

€800,000

Authority

CNIL

Country

France

Date Issued

September 5, 2024

Industry

Technology

Summary

A healthcare software company failed to obtain required authorization from CNIL for processing health data in its repositories, violating lawful processing obligations under GDPR. The company was fined €800,000 for processing health data without proper legal basis and authorization.

Violation Types

Legal BasisHealth DataData Processing

Articles Violated

View original enforcement decision

Related Enforcement Actions

Meta Platforms Ireland

DPC · GDPR · May 22, 2023

€1.2B

Amazon Europe Core

CNPD · GDPR · July 16, 2021

€746M

X Corp

DPC · GDPR · December 1, 2023

€550M

Meta Platforms Ireland

DPC · GDPR · September 5, 2022

€405M

Meta Platforms Ireland

DPC · GDPR · January 4, 2023

€390M

Avoid enforcement risk with automated compliance

IQWorks helps organizations automate GDPR compliance before regulators come knocking.

Talk to an Expert