The information on which the search is based has been translated by a computer system without human intervention. It may contain errors in vocabulary, syntax or grammar. The translation may also produce mistakes in the searches performed.
81 results were found for your search terms Healthcare facility
Manipulation of medical information.
IP 522/2024
The complainant alleged that his medical history had been manipulated. Specifically, he stated that the diagnosis of the injuries he suffered in an accident was incorrect and that the images contained therein were blurred and cropped. During the processing of the claim, the hospital proved that the information in the complainant's medical history was correct, that there had been no modification after the date of the accident and that the images were not blurred or cropped. The procedure is closed, since no punishable act from the point of view of data protection can be attributed to the hospital, nor can any responsibility be attributed to the reported and unaccredited acts.
13/12/2024
Violation of the principle of confidentiality due to 9 improper accesses to the medical record.
PS 67/2024
Title: Breach of the principle of confidentiality due to 9 improper accesses to the medical record.
Summary: The complainant complained about 9 improper accesses to her medical record that were not related to any healthcare or diagnostic action, since she had never been treated at the center or by the doctor who had made the disputed accesses. The complainant also complained that, within the framework of a meeting of a neighborhood association, the doctor had disseminated some of the complainant's health data. This alleged disclosure of data was filed in the initiation agreement, since the facts were not proven. With regard to the 9 improper accesses proven, the entity is sanctioned for the breach of the principle of confidentiality with a fine of €30,000, as responsible for an infringement provided for in article 83.5.a in relation to article 5.1.f, both of the GDPR. The entity has paid the penalty in advance (€24,000).
13/12/2024
Violation of the principle of legality derived from the failure to adopt appropriate measures.
PS 14/2024
The medical history of the reported foundation is configured in such a way that, by design and by default, the foundation's own and external doctors can access it, through the foundation's information systems. This fact caused an external doctor who treated the reporting person within the framework of private healthcare to access his medical history, without his explicit consent or any other legal basis that legitimized this treatment. In this case, the violation of the duty of data protection by design and by default is not imputed, since there is an ideal competition of infringements and only the most serious infringement is imputed; that is, the violation of the principle of legality (qualified as very serious). Nor is the violation of the principle of purpose limitation imputed, because it is subsumed in the infringement relating to the principle of legality.
05/07/2024
Disrespect of the right of rectification.
PT 12/2023
The claiming entity has not accredited that it has responded to the request for rectification exercised by the claimant.
27/07/2023
Right of access.
PT 14/2023
It is appropriate to estimate the claim, since the ICS did not respond in time to the request of the claimant. Regarding the fund, it is not appropriate to make any pronouncement or require any action, since the ICS has accredited that it has delivered the documentation to the claimant in the requested terms, that is, it has made effective the right exercised by the claimant, although extemporaneously.
27/07/2023
Resolution to archive a complaint for access to the HC3
IP 213/2022
The person making the complaint complained of improper access to his or her medical records. It is resolved to archive the proceedings to the extent that within the framework of the prior information it has not been verified that any act that could constitute an infringement has occurred, while it has been sufficiently justified that the controversial access was carried out within the framework of the tasks assigned to the professional who carried it out.
21/06/2023
Access to the HC3 of the complainant.
IP 415/2022
The archiving of the actions is resolved since the reported entity has justified that the controversial access to HC3 of the complainant was caused by a typing error, within the framework of the RedCov project, in which certain parameters had to be consulted in various clinical stories.
08/06/2023
Resolution archiving of a complaint for improper access to HC3 of the complainant by personnel of the mutual EGARSAT.
IP 472/2022
Undue access to the HC3 of the complainant is not credited. The filing of the complaint is resolved because the complainant has accredited that the data referring to the complainant's HC3 was extracted from an opinion submitted to them by the INS.
02/03/2023
Undue access to HC3.
PS 91/2022
There are four unjustifiable accesses to the HC3 of the person denouncing by staff of the Sanitary Corporation Parc Taulí de Sabadell. It resolves to admonish the Corporation as the person responsible for an infringement provided for in Article 83.5.a) in relation to Article 5.1.a), both of which are in the GDPR, for 2 undue access to the HC3 which have not been prescribed, for the violation of the basic principles for processing, specifically the principle of application.
22/02/2023
Security measures.
IP 442/2021
The complaint is filed about how a Hospital carried out the transfer of documentation from a trade union section to another room inside the hospital, since that transfer was carried out without jeopardising the protection of the personal data contained there, and the security measures taken to do so were appropriate to guarantee its safety and confidentiality.
05/12/2022
Total number of pages: 9