Home > News and events > Attorney Henri Ratnik published an article on Data Protection in Medicine

Henri Ratnik published an article on data protection in medicine
March 11, 2024 News

Henri Ratnik published an article in the Estonian Medical journal Lege Artis about recent data protection infringements and fines in the medical sector in the EU.

In a nutshell – the biggest cases revolved around the “usual suspects”, aka data leaks and malware attacks.
One of the largest fines in the medical sector was 1,5 million EUR and this was imposed in France to a company that provides software services to medical laboratories. Namely, there was a data leak, as a result of which the personal data of nearly 500,000 people was leaked. Among the leaked data were people’s names and their health data – including information whether person has cancer, any virus, genetic diseases, pregnancy data, what drugs the person takes, etc. In other words – very sensitive data. During the investigation, the French Data Protection Authority identified several violations of the GDPR: for example, lack of data encryption, etc.
Another common issue is the use of malware where the baddies take medical data into hostage, and in exchange for releasing it they ask for money. In Ireland a fine of 460,000 EUR was imposed to a medical establishment for this – because it hadn’t put in place proper organizational and technological measures to avoid such attack.
So, what is the moral of all of this? Systems are often accessed through human errors, or sometimes through very sophisticated and planned attacks. It is a complete myth that only large companies are attacked. When the baddie sees a wallet lying on the street, the baddie picks it up and puts it in their pocket. It’s the same with cyber security – if it is possible to attack the system, then it is attacked. And the attack means that very sensitive medical data is under threat which in turn leads to the supervisory authority coming to sniff around, usually leading to a fine.

The article in full length is also available online behind a paywall: https://lnkd.in/d7i_Gva7

main Team members

Henri Ratnik
Henri Ratnik
Senior Associate


News & Events Click here

Abistatud enesetapu teenuse osutaja kaitsjad kaebasid süüdimõistva otsuse edasi

White-Collar Criminal Defence and Investigation / Medical Law
Möödunud suvel esitas prokuratuur Paul Tammertile süüdistuse loata majandustegev...

How can legal design make privacy policies more effective?

IT, IP and Data Protection Law
The problem with privacy policies Articles 13 and 14, along with other provision...

Catch up on Baltic legal insights. Stay informed with our newsletter.



WIDEN is a full-service Baltic law firm that prides itself on providing clients with legal counsel focused on client experience. This means focusing on the client – delivering counsel that is practical and spoken in business terms rather than mere legalese.

Widen consultation

Trusted by