Case of Note: File MR23-00112 Background In November 2023, the Toronto Public Library (TPL) reported a cybersecurity breach to the Office of the Information and Privacy Commissioner of Ontario (IPC). The breach, which related to a ransomware attack, was first detected in October 2023 when TPL
A cybersecurity attack on Innomar Strategies’ systems resulted in the exfiltration of a significant number of individuals’ personal health information. The threat actor(s) gained access to an affiliate through a system vulnerability and moved laterally to gain access to Innomar’s systems. Read the
A cyberattack on the Toronto Public Library exposed vulnerabilities in its systems that contained a significant number of individuals’ personal information. Read the closing letter to learn about how the case was settled at the Early Resolution Stage.
Commissioner Kosseim’s keynote at the Public Sector Innovation Show on balancing innovation and privacy in the use of AI by the public sector including the benefits, risks and need for guardrails and legislation.
A prescribed person under the Personal Health Information Protection Act reported a breach to the IPC regarding a cyberattack that involved the unauthorized copying of approximately 3.4 million individuals’ personal health information from the prescribed person’s secure file transfer server. The
Case of Note: PHIPA Decision 249 Introduction Unfortunately, ransomware attacks are not an uncommon occurrence, especially in this era of rapidly advancing technologies. Bad actors use ransomware attacks to extract money and cause harm to others. As these types of attacks become increasingly common
A presentation to the National Institutes of Health Informatics (NIHI) discussing three health privacy trends in Ontario including: cybersecurity attacks, administrative monetary penalties, and artificial intelligence.
“What’s on your mind?” It’s a common question that, with the help of new technologies, may soon yield more personal information than we’d like. Neurotechnology devices can interact directly with the brain to extract information about our thoughts and behaviours and help stimulate certain physical...
On September 11, 2023, the IPC provided a submission to the Ministry of the Solicitor General as part of the Five-Year Review of the Police Record Checks Reform Act, 2015. The submission includes eight recommendations on how the police record check regime can be improved to better balance the
IPC Senior Technology and Policy Advisor, Christopher Parsons, will appear on a panel focused on the topic of ChatGPT, artificial intelligence and privacy concerns.
