Archibishop Makarios Hospital hit with a €5.000 fine by the Cyprus Commissioner

19 Feb 2019

Archibishop Makarios Hospital hit with a €5.000 fine by the Cyprus Commissioner for losing a patient’s medical records

A patient submitted a complaint to the Cyprus Commissioner after her request for the exercise of the right of access to her medical records was not met by the Archbishop Makarios III Hospital as her file could not be located.

After investigation of the complaint by the Commissioner and announcement of the prima facie violation of GDPR on 30/7/2018, an administrative fine of €5.000 was imposed on the hospital on 7/11/2018 for loss of patient medical records.

According to the Commissioner’s decision, the following factors had been taken into account to reach her decision:

  1. The measures previously taken by the hospital to improve protection of patients' medical records  (e.g. initiation of medical records handling system, electronic storage of patients’ X-rays, scheduled recording of lost files in the computerized system, establishment of measures and levels of accessibility, no remote access (from computers outside hospital) in the system and placement of signs indicating that it is strictly forbidden for patients to hold their medical records while at the hospital);
  2. the fact that there had been prior decision against the hospital for breach of data protection laws in relation to patients’ medical records;
  3. the fact that sensitive data were contained in the patient’s medical records.
RELATED NEWS

Greek Oil Company Responsible for Data Leak
Cyprus Commissioner’s Fine on newspaper confirmed by Supreme Court
GDPR: €10,000 Fine on a Newspaper for Publishing the Names and Photos of Police-Officers
Archibishop Makarios Hospital hit with a €5.000 fine by the Cyprus Commissioner

Location


10 Patron Street,
6051 Larnaca, Cyprus

Email


Contact us via email
info@privacyminders.com

Phone


Tel: +357 24812581/82
Fax: +357 24812583