Privacy & Security

YORKTON, Sask. – A Saskatchewan registered nurse at the Yorkton Regional Health Centre was caught snooping through the personal health records of 70 people on 210 occasions, the privacy commissioner reports. Information and privacy commissioner Ronald J. Kruzeniski (pictured) said the nurse accessed the information through the Sunrise Clinical Manager electronic health record between Nov. 1, 2023, and May 3, 2024. Read More

EDMONTON – A former employee of Alberta Health Services (AHS) has been fined $12,000 for the offence of knowingly using and creating health information in contravention of the Health Information Act (HIA). The Office of the Information and Privacy Commissioner (OIPC) opened an offence investigation into this matter in June 2023 after AHS submitted a breach report to the OIPC. Read More

MILTON, Ont. – The personal health information of residents at a Milton long-term care home from the past 20 years was accessed in a data breach over the summer. According to Halton Region, a cybersecurity incident involving “third-party software” used by the Allendale Long-Term Care Home took place in June, giving hackers access to the names, health information and health-card numbers of residents who lived at the home from 2005 to July 2024. Read More

TORONTO – Over the course of the past year, the Ontario Provincial Police (OPP) Anti-Rackets Branch – Health Fraud Investigation Unit (HFIU) has charged three former employees of Ontario hospitals following investigations into allegations of inappropriate access of electronic medical records related to the Personal Health Information Protection Act (PHIPA). Read More

HALIFAX – An application has been filed in the Supreme Court of Nova Scotia to challenge the Nova Scotia government’s recent amendments to its provincial medical privacy legislation – known as the Personal Health Information Act, or “PHIA”. Read More

OSHAWA, Ont. – In a world where keeping patient information and data safe is more important than ever, Lakeridge Health is proud to announce it is the first healthcare system in Canada to earn both the prestigious ISO/IEC 27001:2022 certification and ISO/IEC 27701:2019 certification – the global gold standards for information security management and privacy information management systems. Read More

EDMONTON – Alberta is seeing an increase in abandoned health records alongside an “alarming” trend of “snooping” employees misusing health information for unauthorized purposes, according to the latest annual report by the province’s privacy commissioner. Read More

REGINA – Saskatchewan's information and privacy commissioner says hackers obtained the medical and personal information of more than 7,000 people. The breach occurred earlier this year and affected patient records stored electronically through four clinics run by the healthcare company Innomar in Saskatchewan. The intrusion did not affect Innomar's pharmacies in the province. Read More

CHARLOTTETOWN, PEI – Health P.E.I. CEO Melanie Fraser (pictured) says an employee was transferring a box of documents outside a Health P.E.I. office in the Garfield Street area of Charlottetown this month when they were blown over by a gust of wind. “It was a really unfortunate accident. I think Islanders will recognize what a blustery day it was,” Fraser said. Read More

MISSISSAUGA, Ont. – HealthHub Solutions is proud to announce that it has achieved the ISO 27001:2022 certification for information security management, becoming the first in its market to achieve this prestigious certification. This certification underscores HealthHub Solution’s commitment to data security, privacy, and international best practices, distinguishing it as a leader in the healthcare technology space. Read More