Health Canada in cannabis security breach

Share this article:
Health Canada sent the private information of two individuals to a Toronto resident inadvertently last month in a security gaffe.

33-year-old Kyle Andrews, a user of medical marijuana, had contacted the government department asking for guidelines on the suggested use of the drug. Health Canada sent him the Marijuana Medical Access Regulations in the mail, but mistakenly included two other documents in the envelope. They contained private information on other Canadian residents who also used cannabis for medical reasons.

One of the documents included the medical condition of the individual concerned. Both documents contained names, addresses, phone numbers and birth dates of the Canadian residents.

Andrews, disconcerted over the security error, called Health Canada to report the problem. The service failed to call him back for two days.

“We inadvertently sent documents to you that you should not have received from us," said a representative for the service in a phone call with Andrews, before pleading with him to send the information back in a self-addressed envelope that it promised to send to him. “Health Canada takes our responsibility to safeguard personal information quite seriously, and this shouldn't have occurred."

The representative told Andrews that Health Canada needed to recover the information from the public domain. “It's already in the public domain," he said in an 11-minute conversation posted to YouTube. “I am the public."
Share this article:
close

Next Article in SC Canada

THE LATEST ISSUE

Features

Archive of SC Magazine Canada

SC Magazine Canada

THE LATEST ISSUE

Features

Archive of SC Magazine Canada

SC Magazine Canada

More in SC Canada

Almost 40 percent of Canada's Justice Department duped by phishing

Almost one in four employees at Canada's Justice Department fell prey to internet phishing in an exercise last December.

Microsoft wavers on Canadian spam fears

Microsoft has reconsidered a move to cease security emails in Canada, following the introduction of an anti-spam law north of the border.

Underinvestment, poor communication plague Canadian cybersecurity

Canadian cybersecurity is languishing due to poor communication and disappointing security investments, according to research from the Ponemon Institute.