Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Saskatchewan: Commissioner issues report on Lifelabs health data breach

The Office of the Saskatchewan Information and Privacy Commissioner ('OIPC') published, on 9 June 2020, an investigation report ('the Report') into a data breach suffered by LifeLabs LP which resulted in the unauthorised disclosure of personal health information of 93,647 Saskatchewan residents. In particular, the Report highlights that at the time of the attack, the Saskatchewan Health Authority ('the SHA') had control of the majority of the personal health information at the time of the attack and as LifeLabs could not authenticate the identities of certain individuals, the Report notes that the Commissioner was not satisfied with the notification efforts of LifeLabs and the SHA. Furthermore, the Report outlines that since a detailed summary was not provided, LifeLabs did not demonstrate that it fully investigated the breach or adopted appropriate preventative measures. Finally, the Commissioner recommended that the SHA conduct an audit of LifeLabs' response to the breach and that LifeLabs and the SHA provide cyber security protection to affected individuals from Saskatchewan for a minimum of five years.

You can read the Report here.