Security Breach at the Canadian Health Dept Exposes Patient Information

Medical data of some patients in Canada was exposed as a result of a security breach, which officials are investigating.

On the evening of November 20 2007, a data breach leaked out confidential information belonging to patients whose medical test results were on the network of the Provincial Public Health Laboratory, said Attorney General and Minister of Justice, Jerome Kennedy on November 23, 2007. InformationWeek published Kennedy's statement on November 26, 2007. The matter was very serious and it required early action, Kennedy added.

The government's approach to deal with the breach was 'fast and judicious', according to a statement by the Provincial Government. It also said that the counting of the affected patients would be possible only after the forensic investigation was complete.

The province said that the exposed data files were stored on the PC of a consultant working for the lab who had brought the computer home. Here, when he connected the PC to the Internet, the files got released and became exposed. The consultant said that he came to know about the leakage when a person who said he represented a company on computer security called him. The caller said that he got hold of a part of the patient data that the consultant's PC held.

Both Ross Wiseman, the Health Minister, and Kennedy believed that the consultant violated the department guidelines by carrying the materials to his residence. The Chronicle Herald CANADA published this in news in the fourth week of November 2007.

The information that the computer held included patients' gender and age, their Medical Care Plan numbers, the name of their physician, and the results of the tests for diseases relating to hepatitis and HIV.

Meanwhile, a news report said that the police was assessing the data but since the matter was sensitive, the police wouldn't say anything more during the ongoing investigation.

While it is not known as to how many individuals' information was exposed, a CBC news report said that there has been no evidence of criminal misuse of the information. The investigation was being conducted by hiring a firm from outside the government department.

Related article: Securities Push Up A Must For Web Companies

» SPAMfighter News - 12/10/2007