The information on which the search is based has been translated by a computer system without human intervention. It may contain errors in vocabulary, syntax or grammar. The translation may also produce mistakes in the searches performed.
148 results were found for your search terms SECURITY MEASURES
Security of data exchanged at the patient care desk.
PS 40/2022
The person in charge of the treatment must implement the appropriate measures to ensure that the conversations held between their staff and the patients cannot be heard by unauthorized third parties. It is necessary to carry out a risk analysis to determine the applicable security measures.
03/11/2022
Security measures.
PS 38/2022
The CTTI, in its capacity as processor, did not implement adequate security measures to guarantee the personal data it processed on behalf of the controller (Dept EDU). This allowed a student, when making a telematic pre-enrolment at a given training, to display the data of a third party on screen.
03/11/2022
Work data loss.
IP 275/2021
The complainant's complaint about the alleged loss of an excellent document containing the computation of the extra hours performed by PHPT workers is shelved, since the Department of Justice reports that it still retains the file in which workers' overtime is collected, and that these, moreover, since 2017, have been included in the computer system used for personnel management (SIPC).
19/10/2022
The express indication of medical diagnosis in applications for dependency and other issues.
IP 45/2021
The complainant complained about several issues relating to the processing of his request for dependency:
07/09/2022
Security measures have been introduced. Password management.
PS 32/2022
Infraction of security measures within the framework of an internal audit conducted by the Foundation: 1) in the process of assigning new passwords, it was not guaranteed that credentials were under the exclusive control of users, as in the first entry the system did not force change by the user. 2) This also meant that it could not be guaranteed to know in an undoubted way what, who and when he performed a certain amount of work in the computer system. This lack of security was particularly apparent when auditors created new "ex novo" credentials for the system technician, and with these new credentials they accessed their work team in order to avoid risks in the system.
28/07/2022
Patient data access using 4 URLS only entering the DNI, lacks security measures.
PS 20/2022
Resolution is issued, directly as they have not filed any allegations against the IIA. Security measures are imputed, an authentication mechanism due to access to patient data through several hospital URLs only by introducing the DNI without any other access control measures. They claimed that they had erroneously published a 'test environment' and that they have already unpublished these URLs.
21/06/2022
Security measures in the management of paper documentation intended for destruction (works into a landfill of several plastic bags containing social service files (which included minor data), as well as worker productivity lists, to destroy) .
PS 1/2022
Security measures must be determined by taking into account the risks arising from the loss or unauthorised access to data (among others). In the present case, it has been proven that the person responsible for the processing of the data concerned did not take appropriate technical and organisational measures to ensure their safety (thinking to prevent unauthorised persons from accessing these data).
03/05/2022
Illegal access to the shared clinical history of various workers. It lacks security measures.
PS 56/2021
On the one hand, by means of the digital certificate linked to a worker in the entity - which allowed him to access the HC3 file of the Department of Health - an unidentified person or persons who had access to the HC3 of the complainants, all of them workers in the entity; which is considered constitutive of a violation of the principle of application linked to the improper treatment of special categories of data. On the other hand, the digital certificate linked to one of the working people of the FSFA, which as mentioned allowed access to the HC3 file, was installed on several computers to which different people also workers in the entity had access. Thus, to the extent that all these people could use the same certificate to access the HC3 database, the identification of the person who actually accessed it could not be guaranteed unequivocally and customarily, nor, consequently, the justification of these accesses could be analysed. This is considered to be a breach of security measures.
17/03/2022
Security measures.
PS 5/2022
The City Council did not have an information system to ensure the traceability of the actions it carried out in relation to the information contained in a digital folder. This meant that it was not possible to verify which users had accessed it, at what time, and what actions they had carried out.
10/03/2022
Vulnerability security measures: authentication and risk analysis.
PS 54/2021
Vulnerabilities detected in the platform set up for the public to request a vaccination appointment, and which allowed access to data from third parties. Lack of risk analysis.
09/03/2022
Total number of pages: 15