After harsh privacy report, N.W.T. health authority reviewing how it stores patient files - Action News
Home WebMail Friday, November 22, 2024, 08:53 PM | Calgary | -11.3°C | Regions Advertise Login | Our platform is in maintenance mode. Some URLs may not be available. |
North

After harsh privacy report, N.W.T. health authority reviewing how it stores patient files

The Northwest Territories Health and Social Services Authority says its reviewing how it stores personal documents in the wake of a privacy commissioners report into a records breach in Fort Simpson.

Review comes nearly 2 years after box of medical records reportedly found at Fort Simpson dump

Hundreds of discarded medical records were allegedly found in a banker's box at the Fort Simpson, N.W.T., dump in 2018. The N.W.T. Health and Social Services Authority says it is now reviewing how it stores patient documents. (Hilary Bird/CBC)

The Northwest Territories Health and Social Services Authority says it's reviewing how it stores personal documents in the wake of a privacy commissioner's report into a records breach in Fort Simpson.

In December 2018, a Fort Simpson man said he found a box withmore than 100 private medical records containing personal information fromaddictions treatment centres at the salvage area of the local dump. Last week, the CBC reported on the N.W.T. privacy commissioner's investigation into the incident. In her report, she found the documents had most likely been previously stored at a government building in Fort Simpson known as the "SISH" building, where they may have been stolen.

"The incident in Fort Simpson has been a sentinel event for our organization and we recognize the impact this has had on the trust in our system," acting CEO of the health authority, Kim Riles, wrote in an email to CBC.

"We now must look forward to ensuring we continue to make improvements so that we prevent events like this from happening again."

In her report on the breach, Elaine Keenan Bengts, the N.W.T.'s information and privacy commissioner, recommended 'urgent steps be taken to develop or actively adopt system wide policies' around the retention and destruction of records (Mario De Ciccio/CBC)

Elaine Keenan Bengts's privacy report was critical of the territory's health authority, saying the security in the SISH building "was at best weak and, at worst, non-existent at the time of the breach."

"I find that there were virtually no administrative, technical or physical safeguards in place for the protection of the records being stored in the basement of the SISH building at the time the records went missing," Keenan Bengts wrote in her report.

The report saidthe records which contained names, date of birth, social insurance numbers and people's personal health and addictions historywere kept in the basement of the building in a room that was often left unlocked and in a metal cage that may or may not have been locked. The keys for those cages werekept in the public reception area of the building and were often unsupervised.

Keenan Bengts wrote that the documents could have been mistakenly brought to the dump or they could have been stolen from the facility.

15 recommendations

In her report, Kennan Bengts put forth 15 recommendations, one of which called for a review of the way the health authority handles documents, most notably in the SISH building.

Riles says the authority has started a review looking at all of its current document storage locations to "ensure appropriate safeguards are in place."

She says all documents still kept at the SISH building in Fort Simpson have been properly locked in metal cages and all of the locks have been replaced. Keys for those locks are now being kept at a secure location in a separate building.

Riles says the authority has accepted 13 of Kennan Bengts's 15 recommendations, but didn't immediately respond when asked which two it had not been accepted.