Modernizing Authentication — What It Takes to Transform Secure Access
Canada's Saskatchewan Ministry of Health recently began informing 58 patients of a breach of their personal health information.
"Personal health information from 2003 was on a file that was used in an instructional setting in a health management course at the Saskatchewan Institute of Applied Science and Technology (SIAST) Regina campus beginning in 2005-06. ... Up to 140 students may have viewed the personal health data," the Ministry said in a statement.
"Typically, the ministry provides SIAST with de-identified information -- that which is either fake or has had names and health numbers removed -- for use by health management students," writes The Leader-Post's Don Healy. "In this instance, however, ministry officials believe someone made the file for another purpose and it mistakenly ended up at SIAST. ... Approximately 140 students would have used the file during one-day workshops over the eight years for around 30 minutes each time."
"Officials say it's highly unlikely, although not impossible, that students actually read the names and associated health files. ... The potential breach was discovered when SIAST sent the old records back for an update. At that time, the health ministry discovered what had happened," CBC News reports.