Peel Health Program hit with data breach

Share this article:

Ontarian regional municipality Peel admitted this week to losing the personal information of more than 18,000 people in a security breach.

The names, addresses, ages, marital statements and assessment information of the region's Healthy Babies Healthy Children program were lost on an unencrypted SD card, said the region's health officer Eileen de Villa. The card was on a bag that was stolen from an employee's car on Sept. 24.

Health staff had used records to determine how to treat clients as part of the program, which was a voluntary initiative designed to help and educate families on childcare during and after pregnancy. The families were based in the Peel region, which encompasses the municipalities of Brampton, Caledon and Mississauga, near Toronto.

The majority of records stolen related to people who were in the program from March 2010 to August 2011, although there were several records from outside that time window.

“It is not standard or acceptable practice for any staff to put client information on unencrypted devices,” said de Villa, apologizing for the incident.

Security experts criticized the municipality. “Behaviors aren't changing. We rely on these silly policies that allow human beings to be perfect,” said Tony Busseri, CEO of Toronto-based Route1, which sells identity management and service delivery software. "Why we would ever allow portable devices to extract information? It's silliness. Whether it's 18,000 or 800,000, there's a behavior that's going on in Canada that's quite troubling. Not enough attention has been given to this subject,” he said.

The municipality is notifying affected individuals by letter and phone.

Share this article:

THE LATEST ISSUE

Features

Archive of SC Magazine Canada

SC Magazine Canada

THE LATEST ISSUE

Features

Archive of SC Magazine Canada

SC Magazine Canada

More in SC Canada

Health law needs reform, says provincial privacy watchdog

The Albertan Information and Privacy Commissioner has formally asked the government to amend the province's Health Information Act with mandatory breach reporting and notification measures.

Well.ca security not that well, letter reveals

Well.ca, an online store selling health and beauty products, exposed names, addresses and credit card details for some of its customers in December, it admitted last month.

Canada signs Wedge Networks to secure government data centers

The Canadian government has hired Wedge Networks, a provider of cloud-based security services, to secure its computing infrastructure.