PogoWasRight.org

Menu
  • About
  • Privacy
Menu

German DPA Fines Drugstore Chain for Illegal Collection of Health Data

Posted on January 20, 2010 by pogowasright.org

On January 11, 2010, the data protection authority of the German federal state of Baden-Wurtemberg issued a press release stating that it had fined the Müller Group €137,500 for illegal retention of health-related data and failure to appoint a Data Protection Officer.

In April 2009, the German press reported that the Müller Group, a drugstore chain comprised of twelve entities and employing some 20,000 workers, was illegally collecting health data from its employees. Specifically, employees returning from sick leave were required to complete a form and provide the reason for their sicknesses. After conducting an investigation, the DPA confirmed these allegations. Since 2006, the Müller Group entities had systematically requested employees returning from sick leave to identify the reasons for their sicknesses on a form that was then sent to the Group’s central Human Resources department to be scanned. As of April 2009, approximately 24,000 records containing data on employee illnesses were being stored in Müller’s centralized HR files.

Read more on the Privacy and Information Security Law Blog.

Category: BreachesNon-U.S.

Post navigation

← Swedes swap passwords for chocolate treats
32nd International Data Protection and Privacy Commissioners Conference →

Now more than ever

Search

Contact Me

Email: info@pogowasright.org

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

Categories

Recent Posts

  • ARC sells airline ticket records to ICE and others
  • Clothing Retailer, Todd Snyder, Inc., Settles CPPA Allegations Regarding California Consumer Privacy Act Violations
  • US Customs and Border Protection Plans to Photograph Everyone Exiting the US by Car
  • Google agrees to pay Texas $1.4 billion data privacy settlement
  • The App Store Freedom Act Compromises User Privacy To Punish Big Tech
  • Florida bill requiring encryption backdoors for social media accounts has failed
  • Apple Siri Eavesdropping Payout Deadline Confirmed—How To Make A Claim

RSS Recent Posts on DataBreaches.net

  • Department of Justice says Berkeley Research Group data breach may have exposed information on diocesan sex abuse survivors
  • Masimo Manufacturing Facilities Hit by Cyberattack
  • Education giant Pearson hit by cyberattack exposing customer data
  • Star Health hacker claims sending bullets, threats to top executives: Reports
  • Nova Scotia Power hit by cyberattack, critical infrastructure targeted, no outages reported
©2025 PogoWasRight.org. All rights reserved.
Menu
  • About
  • Privacy