I was reminded of there Jerry Maguire movie clip when I read the latest in a long line of security breach stories – this one emanating from Canada where this group is in hot water over a massive 620,000 patient data breach…taking 4 months to notify authorities. Apparently Canada does not have a national Breach notification rule like the US and the public “Wall of Shame“
Canada does not have a federal health data breach notification requirement. But the Canadian provinces have their own rules, including some that mandate notification. Under Alberta’s Health Information Act, which was enacted in 2001, the reporting of health data breaches is voluntary, privacy experts say.
They might want to change that…
In this latest release Medicentres Family Health Care Clinics, a 27-clinic medical group in Western Canada had an unencrypted clinic laptop stolen from one of the clinic’s IT consultants.
The laptop contained 620,000 patient names, dates of birth, health card numbers, medical diagnoses and billing codes, officials said.
Here in the US the chart of complaints is depressing
How many more data breaches will we see before everyone understands the need to pay close attention to security.
Encrypting your hard drives for all machines that contain patient information and demanding all staff and consultants and anyone that has access to patient data encrypts their drive and data would have prevented this.