AP imposes hefty fine on OLVG hospital for poor data security
Date: Feb. 15, 2021
Modified November 14, 2023
Written by: Annemarie van Woudenberg
Reading time: +/- 2 minutes
Date: Feb. 15, 2021
Modified November 14, 2023
Written by: Annemarie van Woudenberg
Reading time: +/- 2 minutes
In 2019, the Haga Hospital was already in the news extensively when dozens of employees unauthorizedly accessed the medical file of Samantha de Jong (Barbie). This led to an investigation by the Personal Data Authority (AP) and ultimately a fine of over 4 tons for the Haga Hospital.
According to the AP, the Haga Hospital did not have its data security in order. Now, unfortunately, it is back at it again and the OLVG Hospital - also due to poor personal data security - has been fined heavily.
The AP launched an investigation following a tip, signals from the media and two data breach reports from the OLVG and found that the hospital did not adequately secure medical records. For example, it did not sufficiently check for unauthorized access in files and did not use at least two-factor authentication. Two-factor authentication means, for example, that the identity of a user seeking access to a record is established twice by, for example, a code or password combined with a staff pass.
A fine such as the Haga Hospital and the OLVG received can be avoided by better securing data. This means, for example:
Data security is becoming an increasingly common issue and regularly turns out to be inadequately regulated. This became apparent, for example, late last month when a large-scale data leak was discovered at the GGD. See my colleague Annemarie van Woudenberg' s vlog about that. The AP has already announced an investigation into that data breach and if this fine for the OLVG is a good indication, the GGD may soon be able to expect a fine on its mat as well.
Make sure you are not next and check that your data security is in order. If you have questions about that or we can look in on that check, feel free to get in touch.
As attorneys for business owners , we understand the importance of staying ahead. Together with us, you will have all the opportunities and risks in sight. Feel free to contact us and get personalized information about our services.