Privacy commissioners in B.C., Ontario, order LifeLabs to improve security
VICTORIA — A joint investigation by the privacy commissioners of Ontario and British Columbia says Lifelabs failed to put in place reasonable safeguards to protect the personal health information of millions of Canadians.
A statement released Thursday by the commissioners says the breach last year at LifeLabs, one of Canada’s largest medical services companies, broke Ontario’s health privacy law and B.C.’s personal information protection law.
The joint investigation found LifeLabs collected more personal health information than was necessary, failed to protect that data in its electronic systems and relied on inadequate information technology security policies.
Both offices have ordered LifeLabs to address the shortcomings through measures that include improving its security systems and creating written policies and practices regarding information technology security.