B.C. Premier Christy Clark promised Thursday that anyone found responsible for a data breach in the province’s pharmacy network that affected the personal information of thousands of people will be fired.
The province’s Health Ministry launched an investigation after what it said were four instances of “unusual” activity in its PharmaNet system since last fall. The ministry said someone accessed the names, address, dates of birth, health numbers and genders of about 7,500 people. Of those, about 80 had their recent medical histories viewed.
The government does not know who accessed the information, but the ministry said it is investigating.
“They will be fired immediately and any further action that needs to be taken against them will be taken immediately,” Ms. Clark told reporters in Victoria on Thursday.
“This is a deeply concerning issue for all of us.”
PharmaNet is an online central information system that connects pharmacies across B.C. The system stores basic patient profiles, as well as 14 months of a patient’s medical history.
The ministry is in the process of sending letters to all those affected, advising them to take precautions to guard against identity theft.
The ministry has also notified Doctors of BC, the College of Physicians and Surgeons of British Columbia, the Office of the Information and Privacy Commissioner and the Canadian Medical Association.
“There are very few things in your life as private as some of the details of the medication you are taking, any illnesses you have experienced,” Ms. Clark said. “We have an absolute obligation to protect that for people.”
Health Minister Terry Lake said his department is investigating who is behind the breach and why.
“I think today we live in a world where electronic information is susceptible to people accessing it inappropriately,” Mr. Lake said.
The Health Minister said the breaches were discovered when one of their vendors, MedNet, alerted them of strange activity.
“Those systems are in place to alert us to this abnormal type of access,” he said.
NDP MLA Doug Routley feels government ministers need to be held more accountable. “I hope they’re getting fleet insurance for all of the buses they’re throwing bureaucrats under,” said Mr. Routley, referring to the Premier’s promise to fire anyone found responsible. “The ministers of this government accept no responsibility for these problems,” Mr. Routley said. “Yes, it’s some distant person in the ministry who might have done something wrong, but it all starts at the top.”
The Health Ministry said an independent security review of PharmaNet, separate from its own investigation, is also under way and is scheduled to be completed in July.
The B.C. government has had several data breaches in recent years, in the Health Ministry and other departments, including in 2012, when the province announced a privacy breach that led to the firing of eight health researchers. They included junior researcher Roderick MacIsaac, who killed himself after being interrogated by government officials and fired just two days before the end of his student co-op term.
Last year, the province’s privacy commissioner criticized the government after records related to 3.4-million students were lost when a hard drive was misplaced.
In 2013, the privacy commissioner released a report that examined three cases of unauthorized disclosure of medical records – each related to clinical research – where Health Ministry employees were able to download large amounts of personal health data onto unencrypted flash drives and share it without authorization. That report said the ministry was deficient in maintaining privacy and security safeguards and made 11 recommendations for improved security.
With a report from Justine HunterReport Typo/Error
Follow us on Twitter: