The East Tallinn Central Hospital was fined €200 000 by Estonian regulator Data Protection Inspectorate (Andmekaitse Inspektsioon).
The Inspectorate explained that hospital patients’ medical records were found in an unattended construction container by an inspector. East Tallinn Central Hospital contested the fine in court, claiming that strangers did not see the documents in the container and the inspector climbed into the container herself without any authorisation. Moreover, East Tallinn Central Hospital argues that GDPR does not apply as paper files in trash are not organized and this situation does not fall under the regulation of GDPR.
TRINITI attorney at law and associate partner Maarja Pild and attorney at law and partner Karmen Turk are representing the East Tallinn Central Hospital.
The court of the first instance is expected to make its decision at the end of August this year.
