Back to Cases
technologyhealth · 2022
Doctissimo
CNIL fined health website Doctissimo €380,000 for multiple GDPR violations: collecting health data without valid consent, keeping data longer than necessary, and using outdated encryption protocols on its web server.
Fine Imposed€380,000.0
Authority
CNIL
Regulation
Key Takeaways
- Health data requires explicit consent; retention and security measures must be documented.