Ontario hospital employee accesses PHI

Share this article:
An employee of North Bay Regional Health Centre in Ontario, Canada accessed without permission the personal health information (PHI) of thousands of patients.

How many victims? 5,800.

What type of personal information? PHI for patients dating back to 2004, including names, addresses, diagnosis data, test results and prescribed drugs.

What happened? The breach was initially discovered during a privacy audit. Upon further investigation, it was determined that an unnamed employee inappropriately accessed information.

Details: Hospital officials believe the data was not shared with any other staff members or individuals outside of the hospital.

What was the response? Affected individuals were notified by letter. In light of the incident, the hospital has taken measures to improve protections for PHI and to provide additional education to employees regarding data security and privacy.

Additionally, the hospital implemented more rigorous audits to detect attempts of unauthorized access to health care data. The Ontario College of Nurses and Information and Privacy Commission of Ontario have been informed of the breach.

Source: North Bay Regional Health Centre in Ontario, news release, “Breach of Privacy Occurs at North Bay Regional Health Centre Affecting 5,800 Patients,” Sept. 6, 2011.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

POLL

More in The Data Breach Blog

Backup hard drive stolen from law firm contained personal info

Social security numbers were among the information on a backup hard drive that was stolen from an employee of Imhoff and Associates, PC.

POS malware infections at two OTTO pizzeria locations in Maine

About 900 customers at two OTTO pizzeria locations in Portland, Maine, had payment card data compromised after POS malware was discovered on terminals.

Los Angeles-based health system breached; more than 500 patients affected

Personal information on more than 500 Cedars-Sinai Health System patients was compromised after a laptop was stolen from an employee's home.