Romanian Post received a fine of EUR 5,000, following an investigation by the National Supervisory Authority for the Processing of Personal Data (ANSPDCP).
The investigation began after the General Directorate of Social Assistance Constanța notified that several postal items, sent by the Romanian Post to individuals and legal entities, did not reach the recipients, violating the security of personal data.
ANSPDCP claims that the Romanian Post has not implemented sufficient measures to protect personal data and “to ensure that any natural person who acts under the authority of the person authorized by the operator and who has access to personal data only processes them at the request of the operator”.
This situation led to the loss or destruction of postal items that contained personal data, such as name, address, tax obligations, information about the material situation, crimes committed or reports from social investigations, as well as any other data contained in the postal items (which represented the correspondence sent by the General Directorate of Social Assistance Constanța through the Romanian Post National Company), for a large number of persons concerned.
Read more on StartupCafe…
