GDPR FINE GERMANY for a HospitalOn 3 December 2019 GDPR fine in Germany was issued , to the hospital in Rhineland-Palatinate

The State Commissioner for Data Protection and Freedom of Information Rhineland-Palatinate (LfDI) issued the fine for violations of the GDPR (General Data Protection Regulation).

What was the GDPR violation?

Several GDPR breaches occurred during the admittance of the patient that resulted in issuing the wrong invoice to the patient and revealed more serious privacy issues the hospital was struggling with.

Commissioner Prof. Dr. Kugelmann stated that the primary objective of the corrective measures is to remedy existing shortcomings and improve data protection:

“In addition to their sanction effect, they always contain a preventive element, by making it clear that maladministration is pursued consistently. It is important for me that substantial progress be made in the area of ​​data privacy sensitivity. Therefore, I hope that the fine will also be seen as a signal that data protection supervisory authorities are particularly vigilant in the field of handling data in the healthcare sector. “


This is the 14th GDPR fine in Germany so far, and while it is not the highest, it definitely sends the message that violation of the GDPR related to the most sensitive personal data- data subject’s medical and hospital records, will not be taken lightly.

For always staying up to date on GDPR fines so far issued in the EU we recommend this GDPR tracker!