Hague hospital fined €460,000 for not protecting patient's privacy

The Haga Hospital in The Hague is the first Dutch body to be fined for violating the new European privacy law, the General Data Protection Regulation. The Dutch Data Protection Authority fined the hospital 460 thousand euros for not sufficiently protecting a patient's privacy, NU.nl reports.

The hospital was discredited a few months ago when it was revealed that 85 employees had access to the patient file of Samantha de Jong, better known as reality star Barbie. The Data Protection Authority investigated and concluded that the Haga Hospital does not have the security of its medical records in order.

The Hagua Hospital was fined 460 thousand euros and given until October 2nd to improve its internal security. If that deadline is not met, the hospital will be fined another 100 thousand euros every two weeks until its security is in order. That additional fine can run up to a maximum of 300 thousand euros.

The Data Protection Authority confirmed to NU.nl that this was the first time that a Dutch institution is fined under the General Data Protection Regulation, which was implemented in May last year.