On June 25, 2020, the Ontario and British Columbia Information and Privacy Commissioners just shared the results of their joint investigation regarding a serious breach that took place in 2019 – the findings revealed that LifeLabs, Canada’s largest provider of general health diagnostic and specialty laboratory testing services, failed to protect the personal health information of millions of Canadians.
The Capital One Data Breach has been big news lately, and for good reason. It’s a big deal. This breach compromised the data of over 100 million Capital One customers. Instead of a shadowy overseas hacker or a creepy crawler from the dark web, the hacker was a former employee of the cloud hosting company through which Capital One stored their data.
This spring the largest penalty to date was issued under Ontario’s Personal Health Information Protection Act (PHIPA). A social work student was convicted of accessing personal health information without authorization, and ordered pay a $20,000 fine and a $5,000 victim fine surcharge.