The Spanish Data Protection Agency has fined a funeral home 200,000 euros for leaking the identity of workers involved in an internal workplace harassment procedure. The resolution focuses on the dissemination of data that affected complainants or employees linked to that internal investigation.
The sanction refers to the revelation of identities
The infraction punished by the AEPD occurred when the identity of people related to an internal workplace harassment process became public. Among them were complainants or workers who were linked to the file opened within the company.
The fine amounts to 200,000 euros and is framed within the protection of especially sensitive personal data in work environments. Confidentiality in this type of procedure is considered a basic element to preserve the rights of affected individuals and avoid undue exposure.
Reinforced protection in internal procedures
The case highlights the processing of personal information when a company handles internal complaints of workplace harassment. The leak of the identity of the affected workers constitutes a violation of the privacy of those who participate in the procedure, either as complainants or as employees related to the investigation.
The resolution directly affects the dissemination of personal data within an internal file that required confidentiality. The AEPD's sanctioning action is precisely aimed at that breach of confidentiality, by understanding that the identity of the persons involved was exposed in a specially protected context.
The sanction reinforces the requirement to maintain under strict confidentiality any internal procedure of workplace harassment, especially when the information can identify workers who participate in it.