Privacy Blog
POLISH DPA ISSUES REPRIMAND TO A COMPANY FOR DISCLOSURE OF PERSONAL DATA
03.12.2020
The Polish Data Protection Authority (“DPA”) issued a penalty of reprimand on the company relating to breach of personal data protection of persons subject to medical quarantine by making available to unauthorised recipients a list containing the addresses of persons in medical quarantine.
In the present case, upon a letter to the DPA from the State Poviat Sanitary Inspector in Gniezno (“PPIS in Gniezno”) about disclousre of a list containing the addresses of persons who are in quarantine under the administrative decision of PPIS in Gniezno and the mandatory quarantine in connection with the crossing of the country’s border, as well as the address details of persons in home isolation in connection with diagnosed SARS-CoV-2 infection.
The controller states that the lists received included only administrative addresses and did not include names, surnames and other identifiable data.
In this context, the DPA has imposed a penalty of reprimand on the company and also ordered the company to communicate the breach to the data subjects.
You can reach the full text of the DPA’s announcement here.
Should you have any queries and/or remarks, please do not hesitate to contact us.
Kind regards,
Zumbul Attorneys-at-Law