Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Manitoba: Ombudsman lays charges under PHIA for data breach

The Manitoba Ombudsman ('the Ombudsman') announced, on 20 October 2021, that it has completed an investigation relating to a privacy officer in a healthcare facility who allegedly used that access to view and disclose information for purposes unrelated to her work, therefore violating the Personal Health Information Act ('PHIA'). In particular, the Ombudsman detailed that the investigation started from a report of a privacy breach from a trustee under the PHIA about one of its employees, but also from a complaint from the individual alleging that his privacy had been breached by the employee who had access to personal health information through her job.

Moreover, the Ombudsman noted that, upon completing the investigation, it laid the charges against the employee, and that the individual to whom the personal health information relates provided consent for the Ombudsman to disclose his information to Manitoba Prosecution Service for the purpose of consultation about the charges.

Lastly, the Ombudsman highlighted that the maximum penalty for each offence under the PHIA is $50,000 and that a court date for this matter has not yet been set.

You can read the press release here.