• A laptop that may have contained the personal health information of up to 590 individuals was stolen from a staff member’s vehicle. The laptop was not encrypted.
  • The matter was resolved by way of informal resolution. Various security measures are being put in place by the custodian, including the implementation of encryption on mobile computing devices. Given the vulnerability of the particular group of affected individuals, the Section 12(2) notification requirement was met by way of personal notification by members of the treatment team or the referring/aftercare health care practitioner.