Administrative fine in the amount of 230 000 euros applied by the Finnish Data Protection Authority to Viking Line for unlawful processing of employees’ health data
The National Center for Personal Data Protection (NCPDP), for information and application purposes, reports on the administrative fine in the amount of 230 000 euros applied by the Finnish Data Protection Authority (SA) to Viking Line for unlawful processing of employees’ health data.
The Finnish SA investigated Viking Line’s activities on the basis of a complaint. A former employee of Viking Line informed the Finnish SA that, despite their request, they had not received all of their personal data stored in the company’s systems. According to the employee, Viking Line had been keeping their health data in an HR system for 20 years. Furthermore, some of the stored diagnosis information was inaccurate.
Following the investigations, it was found that saving diagnosis information in connection with other employment-related data is against the law. In addition, health data should have been erased immediately when its storage was no longer necessary. At the same time, Viking Line had not informed its employees appropriately of the processing of their personal data.
In this context, an administrative fine of 230 000 euros was imposed on Viking Line for several violations of data protection legislation. At the same time, the Finnish SA ordered the company to correct its practices and inform its employees of the processing of their personal data as required by the GDPR.
The NCPDP, as the national supervisory authority for personal data processing, emphasizes the responsibility of personal data controllers to comply with the provisions of the legal framework on personal data protection and to ensure that personal data processing operations are in accordance with the legislation in force.