Healthcare Quarterly

Healthcare Quarterly 12(1) January 2009 : 61-65.doi:10.12927/hcq.2009.20416
Management Rounds

Lessons Learned from a Privacy Breach at an Academic Health Science Centre

Jacqueline Malonda, Janice Campbell, Daniela Crivianu-Gaita, Melvin H. Freedman, Polly Stevens and Ronald M. Laxer


In 2007, the Hospital for Sick Children experienced a serious privacy breach when a laptop computer containing the personal health information of approximately 3,000 patients and research subjects was stolen from a physician-researcher's vehicle. This incident was reported to the information and privacy commissioner of Ontario (IPC). The IPC issued an order that required the hospital to examine and revise its policies, practices and research protocols related to the protection of personal health information and to educate staff on privacy-related matters. This article outlines the hospital's response to the breach and to the commissioner's order, and the hospital's ongoing journey to create a culture aware of and accepting of the right to privacy of personal health information.



Be the first to comment on this!

Note: Please enter a display name. Your email address will not be publically displayed