• A break-in at a branch office of a not-for-profit organization resulted in the theft of two desktop computers and a server.
  • Section 12(2) notification requirement met by way of a notice to be included in the newsletter sent to patients and on the organization’s website.
  • Complaint resolved by way of informal resolution. Health information custodian agreed to update their security practices in order to ensure compliance with the Act.