LifeLabs is trying to block release of full privacy commissioners’ report

LifeLabs, Canada’s biggest medical testing laboratory, has decided to seek a court order to block the release of the investigation report by the Information and Privacy Commissioners of Ontario and British Columbia faulting the company for a 2019 privacy breach involving 15 million of its customers.

In a statement issued Wednesday, commissioners Patricia Kosseim of Ontario and Michael McEvoy of B.C. said they want to publish their full report into the LifeLabs data breach after releasing a summary on June 25th.

They noted that while LifeLabs has agreed to comply with their orders and recommendations thus far, it has challenged the release of the investigation report, claiming that some of the information it details to the commissioners is privileged or otherwise confidential. The commissioners dispute that claim.

Because the issue is now before the courts, the commissioners are refusing to comment further.

In their summary, the privacy commissioners said that, by not implementing reasonable safeguards to protect the data, LifeLabs violated Ontario’s health privacy law, the Personal Health Information and Privacy Act (PHIPA), and B.C.’s personal information protection law, the Personal Information and Privacy Act (PIPA).

Related:

LifeLabs faulted by Ontario, B.C. privacy commissioners for huge data breach

Among the findings was that LifeLabs didn’t have adequate information technology security policies and information safeguard practices in place. The Ontario privacy commissioner’s office also found that while LifeLabs largely took adequate steps to notify affected individuals of the breach, its process for notifying individuals of which specific elements of their own health information were compromised was inadequate.

After that summary was released, LifeLabs quickly issued a statement that side-stepped the dispute with the privacy commissioners. Instead, it said the company is reviewing the report. It also outlined several steps LifeLabs has taken since the breach, including appointing a chief information security officer (CISO), who, together with an expanded team, is leading a program of information security improvements. LifeLabs also named new chief privacy officers and chief information officers and says it has accelerated the company’s information security management program through an initial $50 million.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now