A Belgian financial institution has been fined EUR 100,000 for data protection breaches after one of its employees repeatedly consulted his ex-wife’s financial data without authorization.
An employee had repeatedly consulted his ex-wife’s financial data without authorization and for personal reasons. The DPA held that unauthorized consultation by an employee does not exempt the employer from its responsibilities and obligations as a data controller. This is more necessary when employees have access to sensitive data in their work.