Privacy & Security

TORONTO – The LockBit ransomware gang – which uses sophisticated viruses to “lock up” data until the organization under attack pays up – has apologized for targeting the Hospital for Sick Children and released a decryptor for free. According to reports on the Internet, the group’s members are prohibited from attacking healthcare organizations. Read More

VICTORIA – Sensitive personal health records of British Columbia residents, from mental health to sexually transmitted disease histories, are “disturbingly” vulnerable to leaks, the provincial privacy watchdog says. Information and privacy commissioner Michael McEvoy (pictured) says in a report released by his office in December that security gaps in the public health computer system put it at risk of abuse by bad actors, from cyber criminals to jilted lovers looking for information about an ex. Read More

PRINCE ALBERT, Sask. – A retired doctor who was careless with medical records that were meant to be shredded needs to notify former patients whose personal data might have been breached, Saskatchewan’s information and privacy commissioner says. Dr. Lalita Malhotra, a retired doctor in Prince Albert, did not undertake “adequate efforts” to contain or investigate the breach, and did not provide notice about it, Ronald J. Kruzeniski (pictured) wrote in a decision dated Dec. 5. Read More

TORONTO – Hundreds of thousands of Ontarians’ information may have been compromised in a data breach of the province’s vaccine management system last year. Beginning this month, some 360,000 people will receive notices that their personal information was part of the November 2021 data breach of the COVAXX system, the Ministry of Public and Business Service Delivery said in a statement. Read More

REGINA – Saskatchewan’s privacy commissioner is urging the provincial health authority to part ways with fax machines after investigating numerous privacy breaches involving the dated method of communication. The commissioner’s office has investigated approximately 42 incidents of misdirected faxes by the Saskatchewan Health Authority (SHA) since 2018. Read More

TORONTO – Digital Health Canada’s CHIEF Executive Forum has released Code Grey, a cyber security resource for healthcare delivery executives produced by the CHIEF Executive Forum Cyber Security Working Group with input from the Canadian Centre for Cybersecurity. Read More

WHITEHORSE, YK – Health and Social Services Minister Tracy-Anne McPhee (pictured) says her department has changed its case management system so that sensitive information can only be accessed through a secure portal. Read More

ST. JOHN’S – The Newfoundland and Labrador Centre for Health Information (NLCHI) held its annual general meeting earlier this month, in a virtual format, but provided no updates about the major cyberattack that hit the province last fall. Nor did it outline what’s since been done to protect patient data. Read More

TORONTO – Despite rapid digital advancements in the healthcare sector, using outdated and vulnerable technologies such as faxes and unencrypted email threatens to erode the public’s confidence that their personal health information is secure. In a joint resolution, Canada’s federal, provincial, and territorial privacy commissioners called for a concerted effort across the healthcare sector to modernize and strengthen the privacy and security of digital health communications. Read More