Patients at three Scarborough hospitals may have accessed some of their personal data after a cybersecurity breach, but officials say the complexity of the incident is such that they have not been able to determine how many people left. see affected.
The Scarborough Health Network has issued a public warning about an incident involving unauthorized access to data contained on “various” of its servers.
It says that accessed data includes patient ID numbers, names, gender, dates of birth, email addresses, home addresses, OHIP numbers, procedure descriptions, lab reports, staff names, insurance policy numbers, immunization status, and diagnosis. information.
“SHN takes the privacy and security of patients, staff and business contacts and personal information very seriously, and we sincerely regret that this incident has occurred,” said SHN President and CEO Elizabeth Buller. in a press release. “I want to assure patients that we acted as quickly as possible to contain and investigate the incident to ensure that our clinical operations were not affected. In addition, all computer security improvements that were made were immediately addressed. identify as a result of our research “.
The cybersecurity breach was first discovered on January 25 and the “unauthorized actor” was left out of the system on February 1, according to officials. For this reason, not all patient data collected since February is considered at risk.
The hospital network says experts continue to monitor the situation, but “they have not yet detected any malicious use of the accessed data.”
However, SHN officials advise people to keep an eye on their accounts and “be on the lookout for incidents of identity fraud and theft.”
“Unfortunately, given the complexity of the incident, we are unable to determine which people were directly affected,” a post on SHN’s website states.
The breach affected servers with patient data from Birchmount Hospital, Scarborough General Hospital, Centennial Hospital and Ajax Pickering Hospital prior to its merger under Lakeridge Health.
The breach has been reported to the Office of the Ontario Information and Privacy Commissioner.
The Scarborough Health Network has created a resource page for those who may have been affected by non-compliance at the following link.