The Italian SA imposed a 40 000 EUR fine on a company for violating the confidentiality of a employee's email account after the end of his employment
NL-context Nieuwe regelgeving rondom dataprivatecy en -bescherming, zoals geïllustreerd door de Italiaanse zaak, heeft directe gevolgen voor Nederlandse zorginstellingen die AI-systemen inzetten of plannen in te zetten, vanwege str
Samenvatting
The Italian SA imposed a 40 000 EUR fine on a company for violating the confidentiality of a employee's email account after the end of his employment. Background information Date of final decision: 18 December 2025 National case Controller: LTL S.p.A. Legal Reference(s): Article 5 (Principles relating to processing of personal data), Article 12 (Transparent information, communication and modalities for the exercise of the rights of the data subject), Article 15 (Right to access by the data subject) Decision: Administrative fine, Compliance order, Erasure order or Add here your free text for the decision Key words: Administrative fine, Principles relating to processing of personal data, Transparency, Right of access, Employment, Data subject rights Summary of the Decision Origin of the case In a complaint submitted to the Italian Supervisory Authority (SA), an individual complained that, after receiving a disciplinary letter followed by dismissal, the company had denied him access to his company' email account, which remained active. Exercising his rights, the data subject asked the company to disable the email account, forward any messages received in the meantime to his personal email address, and activate an automatic reply informing any senders of his new email address. However, this request remained unfulfilled, even though it was formulated in compliance with the GDPR. Key Findings During the investigation, the Italian SA found that the company not only continued to receive emails addressed to the employee, but also forwarded them to another company email account. This unlawful practice had been going on for about two months, exceeding the 30-day limit set by the company's internal rules. Decision The Italian SA fined the company 40 000 EUR. In determining the amount of the fine, the SA took into account the type and duration of the violations, the failure to respond to the employee's request to exerci...
Waarom dit ertoe doet
Nieuwe regelgeving heeft directe gevolgen voor zorginstellingen die AI-systemen inzetten of plannen in te zetten.
Context (AI-duiding)
Klik op “Toon context” om AI-duiding op te halen.
Scores
De mate waarin dit signaal de Nederlandse gezondheidszorg kan beïnvloeden (1 = minimaal, 5 = transformatief).
Hoe snel actie of aandacht nodig is (1 = kan wachten, 5 = onmiddellijke aandacht vereist).
De mate van onzekerheid over de uitkomst of timing (1 = zeer voorspelbaar, 5 = zeer onzeker).
Tags
Bronnen
- The Italian SA imposed a 40 000 EUR fine on a company for violating the confidentiality of a employee's email account after the end of his employmentEuropean Data Protection Board (EDPB) —
- The Italian SA fined Poste Vita for data breachEuropean Data Protection Board (EDPB) —
Relevant voor
Pipeline versie: 0.2.0 | Gegenereerd door: pipeline