Resolutions, opinions and reports search tool

A file is agreed because the City Council recognizes that a councilor accessed the phone number of the complainant to call her, but not to complain about the content of a tweet that she would have published, but that the reason for the call was to deal with a matter linked to the functions that he served as municipal councillor and the functions that the person was holding in the occupied place within the educational center. Presumption innocence.

School 30 Steps is admonished by the commission of an infringement concerning the violation of the principle of confidentiality, as it has not used the hidden copy when sending an email.

The claimant complained that in the face of the request for access to his HC, the Hospital had not delivered the full documentation to him. Within the protection procedure, the hospital has provided the complainant with all the documentation requested, and the hospital's response is therefore extemporaneous, without going into any other considerations of substance.

The regulations for the protection of personal data do not prevent the access of the person claiming the merely identifying data of the persons who have communicated to the contracted consulting company the information necessary for the assessment of City Council jobs, as well as to the different proposals of organigram or the RLT of the City council.

Security measures must be determined by taking into account the risks arising from the loss or unauthorised access to data (among others). In the present case, it has been proven that the person responsible for the processing of the data concerned did not take appropriate technical and organisational measures to ensure their safety (thinking to prevent unauthorised persons from accessing these data).

It is credited that the CSMA did not make effective the right of access exercised by the claimant, since in the face of his request he limited himself to submitting to him a report from the psychiatrist visiting him, which made no reference to any of the requested endpoints, concerning the month of August 2018: information concerning the communication of his medical data to his parents, the application for involuntary membership and the interview that his psychiatrist would have held with his parents. In this regard, it should be borne in mind that it is part of the right of access provided for in Article 15 GDPR, the right to know whether or not the person responsible has the data in respect of which that right is exercised, and the right to know data communications to third parties. In the above, the claim is estimated and the claim is declared the right of the claimant to obtain the information requested from the CSMA in his files, as well as, in the event that no such information is available, to be explicitly stated, specifying the reason, and to be informed about the communication of data to third parties.

The right of access to emails containing personal data of the claimant or his representative (son) is estimated, because the request contained in the submitted request would be considered to fit within the framework of an art right request. The claimant was entitled to receive a response from the person responsible for the treatment from the prism of the data protection regulations, which was not issued in this regard. All of this, however, without prejudice to the fact that, if appropriate, in the response that is eventually given, the limitations that may be derived from Article 23 of the GPD are applicable.

The Department of Health has extemporaneously taken account of the right of access to the shared clinical history of the applicant, which is why the Department's response is declared to be extemporaneous, without going into any other considerations, given that the right has been satisfied within the framework of this rights protection procedure.

The ICS is warned of a very serious breach by violation of the principle of accuracy, for having erroneously published in a person's HC3 a medical report referring to another person, which contained health data of that person.

The reasoned report examined may be in line with the concept of administrative resolution of public relevance for the sake of transparency. The LTC requires the anonymization of personal data in the publication and since, in this case, despite this, the affected persons could be identifiable, it would be acceptable to replace it with an anonymized summary of its purpose.