Skip to Primary Navigation

Skip to main content

Number of GDPR fines in EU healthcare steady, but average fine rises steeply

Medical staff analyze patient data at the Department of Rehabilitative Cardiology of ASL 3 Genova on July 21, 2020 in Genoa, Italy.
Photo: Marco Di Lauro/Getty Images

Martin Kilgus | CMS

4 min read
 Click to share on Facebook (Opens in new window/tab) Click to share on Twitter (Opens in new window/tab) Click to share on LinkedIn (Opens in new window/tab) Click to share on WhatsApp (Opens in new window/tab)

Deep dive into the life science and healthcare findings from the CMS GDPR Enforcement Tracker Report 2025.

Main takeaways

There was only a moderate increase in the number of fines imposed compared to 2024.

The most common reason for fines in the healthcare sector continues to be the lack of sufficient technical and organizational measures (TOMs).

This remained a common issue across many healthcare institutions and without a

, , , , , ,