Puts email addresses in Cc, not Bcc: US company fined in Italy

The privacy guarantor maintains a keen interest in applications and companies that process personal data in the health field, as also demonstrated during the period of the great spread of the Corona virus: its glucose monitoring system and for illegally sending email addresses and health data to nearly 2,000 Italian diabetics.” In addition, the company also violated the principles of validity and transparency and prevented users from formulating specific consents for various data processing on the official application. In short: An email was sent to a group of Italian customers of a continuous glucose monitoring system for diabetics called Eversense XL by entering the recipients’ addresses in the cc field instead of the bcc address. Thus, “each recipient had the opportunity to view the email addresses of other recipients of the organization’s email.” About 2,000 people are concerned about this data breach. Senseonics acknowledged the breach was due to the fault of one of its employees. The General Data Protection Regulation (GDPR) actually considers an email address to be personal data because it “pertains to an identifiable or identifiable individual”. In addition, since they are diabetics, the information in the email represents “personal data that can reveal health status”: in these cases, it is expected that it can only be disclosed to third parties with written permission. The CGM application requires users to accept the contractual terms of service and privacy policy simultaneously, “making it impossible to formulate specific consents for different data treatments.” The violation of the principles of correctness and transparency is due to the “confusion and lack of many essential parts” of information. The violation was reported to the people involved via an apology email. Now Senseonics will have to take the necessary corrective actions for the application as well as for the privacy policy, which is required to pay the €45,000 fine. Opening image credits: Pixabay

Related Articles

Leave a Reply

Your email address will not be published.

Back to top button