https://usancen.lawthek.eu/en/blog/lawthek/bvwg-covid-19-a-mitigating-circumstance-in-gdpr-violations-1fe95723/
Data Privacy Law 

BVwG: COVID-19 a Mitigating Circumstance in GDPR Violations

Benn-Ibler Rechtsanwälte

Austrian Federal Administrative Court  COVID-19  GDPR  General Data Protection Regulation  mitigating circumstances  penalty  penalty assessment  sensitive data  vaccination law 

The Austrian Federal Administrative Court (Bundesverwaltungsgericht, hereinafter BVwG) has considered the COVID-19 pandemic and the fear of contagion a mitigating factor in penalties imposed for violating applicable data protection regulations.

In the original case, the complainant (a dermatologist in private practice) had instructed his assistant to use his access to the Austrian electronic health record portal (ELGA), which he normally used for professional purposes, to access data from specific individuals’ electronic vaccination records and check their COVID-19 vaccination status.

The Austrian data protection authority imposed an administrative fine of EUR 3,500 on him for processing health data (i.e., sensitive data within the meaning of Article 9(1) of the General Data Protection Regulation, GDPR) for an improper and therefore unlawful purpose. His query had not been made for medical purposes, but in connection with several candidates’ job applications as his medical assistant.

The doctor lodged an appeal against the ruling and was successful before the BWG.

In addition to the aggravating and mitigating factors considered by the authority, the BVwG considered the COVID-19 pandemic ‘another mitigating circumstance’ under Article 83(4)(k) GDPR. The fear of infection and the uncertain overall situation with regard to COVID-19 had led to a particularly stressful situation for the complainant. His motive for consulting the applicants’ electronic vaccination files had been to protect himself as a medical specialist, his staff, and his patients against the risk of infection. As a physician, he had a special obligation to be careful and to choose trustworthy people to work for him. His motive of preventing the spread of coronavirus among particularly vulnerable people, who typically visit doctors' surgeries more frequently, cannot be considered reprehensible.

The BVwG therefore reduced the fine to EUR 2,000.

BVwG W298-2269087-1/6E (6 June 2023)



More Services

LawThek Efficient Legal Information LawThek uses cutting-edge technologies like graph databases and AI to make legal information accessible. (opens in new tab) JobThek Legal Jobs The job board for legal professionals – find your next career opportunity in the legal sector. (opens in new tab) LegalNetics Innovative LegalTech Solutions Transform your legal documents into connected knowledge with LegalNetics. (opens in new tab)