{"id":980,"date":"2022-07-12T09:15:40","date_gmt":"2022-07-12T07:15:40","guid":{"rendered":"https:\/\/ochronadanych-as.pl\/?p=980"},"modified":"2022-07-12T09:15:40","modified_gmt":"2022-07-12T07:15:40","slug":"datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures","status":"publish","type":"post","link":"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/","title":{"rendered":"Datatilsynet criticises the Health and Medicines Authority for inadequate security measures"},"content":{"rendered":"
The Danish supervisory authority found that the data breach reported by the Authority on 13 August 2021 occurred after the implementation of a health platform update, for which the Capital Region (Hovedstaden) is responsible. In this regard, Datatilsynet determined that the data breach resulted in the deletion of information regarding patients’ end-of-treatment and dosage dates on the Common Medical Record, for which the Authority is responsible.<\/div>\n
\n
<\/div>\n
As data controller, the Authority should take appropriate technical and organisational measures to ensure a level of security corresponding to the risks associated with the processing of sensitive data. In this regard, Datatilsynet determined that the Authority should have tested likely error scenarios in relation to platform updates, even in cases where a third party was directly responsible for the implementation of the process. The supervisory authority therefore concluded that the Authority had not complied with the requirements under Article 32(1) of the GDPR. In cases where several actors are involved in the processing, each controller must, for its own systems, define guidelines and procedures on how changes to the source systems may affect its organisation.<\/div>\n
<\/div>\n

In addition, Datatilsynet found that the Authority did not report the data breach within 72 hours and had previously made similar data security mistakes. Datatilsynet considered these to be aggravating circumstances.<\/p>\n

<\/div>\n
Source<\/a><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

The Danish supervisory authority found that the data breach reported by the Authority on 13 August 2021 occurred after the implementation of a health platform update, for which the Capital Region (Hovedstaden) is responsible. In this regard, Datatilsynet determined that the data breach resulted in the deletion of information regarding patients’ end-of-treatment and dosage dates…<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-980","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"\nDatatilsynet criticises the Health and Medicines Authority for inadequate security measures - AllSafe<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Datatilsynet criticises the Health and Medicines Authority for inadequate security measures - AllSafe\" \/>\n<meta property=\"og:description\" content=\"The Danish supervisory authority found that the data breach reported by the Authority on 13 August 2021 occurred after the implementation of a health platform update, for which the Capital Region (Hovedstaden) is responsible. In this regard, Datatilsynet determined that the data breach resulted in the deletion of information regarding patients’ end-of-treatment and dosage dates...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/\" \/>\n<meta property=\"og:site_name\" content=\"AllSafe\" \/>\n<meta property=\"article:published_time\" content=\"2022-07-12T07:15:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/ochronadanych-as.pl\/wp-content\/uploads\/2020\/01\/Allsafe-obrazek-fb.png\" \/>\n\t<meta property=\"og:image:width\" content=\"600\" \/>\n\t<meta property=\"og:image:height\" content=\"315\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"M-Strycharz-admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"M-Strycharz-admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/\"},\"author\":{\"name\":\"M-Strycharz-admin\",\"@id\":\"https:\/\/ochronadanych-as.pl\/#\/schema\/person\/2518535b4329a9dc9e3fb9f0415c3919\"},\"headline\":\"Datatilsynet criticises the Health and Medicines Authority for inadequate security measures\",\"datePublished\":\"2022-07-12T07:15:40+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/\"},\"wordCount\":221,\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/\",\"url\":\"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/\",\"name\":\"Datatilsynet criticises the Health and Medicines Authority for inadequate security measures - AllSafe\",\"isPartOf\":{\"@id\":\"https:\/\/ochronadanych-as.pl\/#website\"},\"datePublished\":\"2022-07-12T07:15:40+00:00\",\"author\":{\"@id\":\"https:\/\/ochronadanych-as.pl\/#\/schema\/person\/2518535b4329a9dc9e3fb9f0415c3919\"},\"breadcrumb\":{\"@id\":\"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Strona g\u0142\u00f3wna\",\"item\":\"https:\/\/ochronadanych-as.pl\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Datatilsynet criticises the Health and Medicines Authority for inadequate security measures\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/ochronadanych-as.pl\/#website\",\"url\":\"https:\/\/ochronadanych-as.pl\/\",\"name\":\"AllSafe\",\"description\":\"Zarz\u0105dzanie ochron\u0105 danych osobowych i bezpiecze\u0144stwem informacji\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/ochronadanych-as.pl\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/ochronadanych-as.pl\/#\/schema\/person\/2518535b4329a9dc9e3fb9f0415c3919\",\"name\":\"M-Strycharz-admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/d0d4f1dac0a86fed83cb7178808c886a3bd73db404f066ce1bdda44fb2b4f466?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d0d4f1dac0a86fed83cb7178808c886a3bd73db404f066ce1bdda44fb2b4f466?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d0d4f1dac0a86fed83cb7178808c886a3bd73db404f066ce1bdda44fb2b4f466?s=96&d=mm&r=g\",\"caption\":\"M-Strycharz-admin\"},\"url\":\"https:\/\/ochronadanych-as.pl\/en\/author\/m-strycharz-admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Datatilsynet criticises the Health and Medicines Authority for inadequate security measures - AllSafe","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/","og_locale":"en_US","og_type":"article","og_title":"Datatilsynet criticises the Health and Medicines Authority for inadequate security measures - AllSafe","og_description":"The Danish supervisory authority found that the data breach reported by the Authority on 13 August 2021 occurred after the implementation of a health platform update, for which the Capital Region (Hovedstaden) is responsible. In this regard, Datatilsynet determined that the data breach resulted in the deletion of information regarding patients’ end-of-treatment and dosage dates...","og_url":"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/","og_site_name":"AllSafe","article_published_time":"2022-07-12T07:15:40+00:00","og_image":[{"width":600,"height":315,"url":"https:\/\/ochronadanych-as.pl\/wp-content\/uploads\/2020\/01\/Allsafe-obrazek-fb.png","type":"image\/png"}],"author":"M-Strycharz-admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"M-Strycharz-admin","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/#article","isPartOf":{"@id":"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/"},"author":{"name":"M-Strycharz-admin","@id":"https:\/\/ochronadanych-as.pl\/#\/schema\/person\/2518535b4329a9dc9e3fb9f0415c3919"},"headline":"Datatilsynet criticises the Health and Medicines Authority for inadequate security measures","datePublished":"2022-07-12T07:15:40+00:00","mainEntityOfPage":{"@id":"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/"},"wordCount":221,"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/","url":"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/","name":"Datatilsynet criticises the Health and Medicines Authority for inadequate security measures - AllSafe","isPartOf":{"@id":"https:\/\/ochronadanych-as.pl\/#website"},"datePublished":"2022-07-12T07:15:40+00:00","author":{"@id":"https:\/\/ochronadanych-as.pl\/#\/schema\/person\/2518535b4329a9dc9e3fb9f0415c3919"},"breadcrumb":{"@id":"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/ochronadanych-as.pl\/en\/datatilsynet-criticises-the-health-and-medicines-authority-for-inadequate-security-measures\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Strona g\u0142\u00f3wna","item":"https:\/\/ochronadanych-as.pl\/en\/"},{"@type":"ListItem","position":2,"name":"Datatilsynet criticises the Health and Medicines Authority for inadequate security measures"}]},{"@type":"WebSite","@id":"https:\/\/ochronadanych-as.pl\/#website","url":"https:\/\/ochronadanych-as.pl\/","name":"AllSafe","description":"Zarz\u0105dzanie ochron\u0105 danych osobowych i bezpiecze\u0144stwem informacji","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/ochronadanych-as.pl\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/ochronadanych-as.pl\/#\/schema\/person\/2518535b4329a9dc9e3fb9f0415c3919","name":"M-Strycharz-admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d0d4f1dac0a86fed83cb7178808c886a3bd73db404f066ce1bdda44fb2b4f466?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d0d4f1dac0a86fed83cb7178808c886a3bd73db404f066ce1bdda44fb2b4f466?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d0d4f1dac0a86fed83cb7178808c886a3bd73db404f066ce1bdda44fb2b4f466?s=96&d=mm&r=g","caption":"M-Strycharz-admin"},"url":"https:\/\/ochronadanych-as.pl\/en\/author\/m-strycharz-admin\/"}]}},"_links":{"self":[{"href":"https:\/\/ochronadanych-as.pl\/en\/wp-json\/wp\/v2\/posts\/980","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ochronadanych-as.pl\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ochronadanych-as.pl\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ochronadanych-as.pl\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ochronadanych-as.pl\/en\/wp-json\/wp\/v2\/comments?post=980"}],"version-history":[{"count":1,"href":"https:\/\/ochronadanych-as.pl\/en\/wp-json\/wp\/v2\/posts\/980\/revisions"}],"predecessor-version":[{"id":981,"href":"https:\/\/ochronadanych-as.pl\/en\/wp-json\/wp\/v2\/posts\/980\/revisions\/981"}],"wp:attachment":[{"href":"https:\/\/ochronadanych-as.pl\/en\/wp-json\/wp\/v2\/media?parent=980"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ochronadanych-as.pl\/en\/wp-json\/wp\/v2\/categories?post=980"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ochronadanych-as.pl\/en\/wp-json\/wp\/v2\/tags?post=980"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}