Data breach could affect up to 100,000 patients at Queensway Carleton Hospital | SaltWire
Data breach could affect up to 100,000 patients at Queensway Carleton Hospital
Elizabeth Payne · Postmedia News | Posted: April 28, 2023, 11:40 a.m. | Updated: April 28, 2023, 11:40 a.m. | 2 Min Read
facebook sharing buttontwitter sharing buttonlinkedin sharing buttonsharethis sharing button
OTTAWA -- Monday, Mar. 30, 2020 -- The Queensway Carleton Hospital. ERROL MCGIHON, Postmedia
Health and personal information, home addresses and OHIP numbers of up to 100,000 patients at Queensway Carleton Hospital have been affected by a major data breach involving an Ottawa-based third-party software provider.
The hospital sent out public notices of the breach Friday and is contacting patients individually. It has also notified the province’s privacy commissioner.
Queensway Carleton Hospital said it stopped using the platform by the Canadian software company Aetonix Systems Inc. after learning in March that an authorized third party may have gained access to an “internal test environment” where personal health information of Canadians patients had been temporarily stored.
“Following a thorough review of the incident, Aetonix’s forensic investigation has concluded that the incident may have resulted in your personal health information being accessed or copied by an unauthorized third party,” the hospital wrote in a notice to patients.
The company investigation identified that data for certain patients over the past two years may have been accessed from the Aetonix cloud platform. The hospital contracted with the company in March 2021 to provide virtual communications services and remote patient monitoring, among other tools to support patients. As part of that contract, information was sent from QCH to an Aetonix cloud server.
The investigation by Aetonix could not confirm whether any unauthorized person actually viewed or copied the patient information.
“We want to stress that neither QCH nor Aetonix are aware of any misuse of this information,” said the hospital. It added that Aetonix “continues to monitor the Internet for any activity and potential misuse of the data.” QCH said it will share updates on its website.
Data potentially accessed could include: demographic information including the patient’s name, gender, date of birth, marital status and mother tongue; home addresses, phone numbers, and email addresses; OHIP numbers; insurance policy numbers; health care providers; patient ID numbers; patient visit ID numbers; scheduled surgical dates; past medical history and procedure description.
The hospital said it will communicate individually with patients about information that was potentially impacted.
“We understand that this can be worrisome. Please know, there is no indication that any information has been misused.”
It is also offering the service of a credit monitoring agency to impacted patients. The company’s services include monitoring the Dark Web for potentially exposed personal, identify and financial information. There is a dedicated call centre line for affected patients at the company TransUnion at 1 833-570-3044.
Patients whose health card number was potentially affected are also asked to contact ServiceOntario at 1-866-532-3161.
Elizabeth Payne · Postmedia News | Posted: April 28, 2023, 11:40 a.m. | Updated: April 28, 2023, 11:40 a.m. | 2 Min Read
facebook sharing buttontwitter sharing buttonlinkedin sharing buttonsharethis sharing button
OTTAWA -- Monday, Mar. 30, 2020 -- The Queensway Carleton Hospital. ERROL MCGIHON, Postmedia
Health and personal information, home addresses and OHIP numbers of up to 100,000 patients at Queensway Carleton Hospital have been affected by a major data breach involving an Ottawa-based third-party software provider.
The hospital sent out public notices of the breach Friday and is contacting patients individually. It has also notified the province’s privacy commissioner.
Queensway Carleton Hospital said it stopped using the platform by the Canadian software company Aetonix Systems Inc. after learning in March that an authorized third party may have gained access to an “internal test environment” where personal health information of Canadians patients had been temporarily stored.
“Following a thorough review of the incident, Aetonix’s forensic investigation has concluded that the incident may have resulted in your personal health information being accessed or copied by an unauthorized third party,” the hospital wrote in a notice to patients.
The company investigation identified that data for certain patients over the past two years may have been accessed from the Aetonix cloud platform. The hospital contracted with the company in March 2021 to provide virtual communications services and remote patient monitoring, among other tools to support patients. As part of that contract, information was sent from QCH to an Aetonix cloud server.
The investigation by Aetonix could not confirm whether any unauthorized person actually viewed or copied the patient information.
“We want to stress that neither QCH nor Aetonix are aware of any misuse of this information,” said the hospital. It added that Aetonix “continues to monitor the Internet for any activity and potential misuse of the data.” QCH said it will share updates on its website.
Data potentially accessed could include: demographic information including the patient’s name, gender, date of birth, marital status and mother tongue; home addresses, phone numbers, and email addresses; OHIP numbers; insurance policy numbers; health care providers; patient ID numbers; patient visit ID numbers; scheduled surgical dates; past medical history and procedure description.
The hospital said it will communicate individually with patients about information that was potentially impacted.
“We understand that this can be worrisome. Please know, there is no indication that any information has been misused.”
It is also offering the service of a credit monitoring agency to impacted patients. The company’s services include monitoring the Dark Web for potentially exposed personal, identify and financial information. There is a dedicated call centre line for affected patients at the company TransUnion at 1 833-570-3044.
Patients whose health card number was potentially affected are also asked to contact ServiceOntario at 1-866-532-3161.
