Privacy commissioner orders shake-up

Ontario’s privacy commissioner has ordered computer security to be strengthened after a nurse lost a USB
memory stick containing information about more than 83,000 patients. It
had been collected during H1N1 flu vaccination clinics between October
23 and December 15. The data included names, government-issued ID
numbers and personal health information. Ann Cavoukian declared that
patient records had to be kept safely and ordered the health
bureaucracy “to immediately implement
procedures to ensure that any personal health information stored on any
mobile devices [laptops, memory sticks, etc] is strongly encrypted.”
The Ontario Ministry of Health will check regularly to ensure that
health information is being handled correctly.

“While I accept that custodians may not be able to totally
eliminate
the loss or theft of mobile devices, what I cannot accept is that the
information contained therein is not encrypted,” the commissioner said.
“Unauthorized access to health information stored on these devices
that happen to be lost or stolen may clearly be prevented through the
use of encryption technology. However, despite strong incentives to
avoid privacy breaches and the availability of encryption to prevent
such breaches, unencrypted mobile devices continued to be used. This is
both distressing and completely unacceptable.” ~ CBC News, Jan 14 

Michael Cook
Canada
privacy

• Author
• Recent Posts

Michael Cook

Michael Cook edits BioEdge, a bioethics newsletter, and MercatorNet, an on-line magazine whose focus is human dignity. He writes from Sydney, Australia.

Latest posts by Michael Cook (see all)

• How long can you put off seeing the doctor because of lockdowns? - December 3, 2021
• House of Lords debates assisted suicide—again - October 28, 2021
• Spanish government tries to restrict conscientious objection - October 28, 2021