Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Manitoba: Ombudsman lays charges under PHIA for data breach
The Manitoba Ombudsman ('the Ombudsman') announced, on 20 October 2021, that it has completed an investigation relating to a privacy officer in a healthcare facility who allegedly used that access to view and disclose information for purposes unrelated to her work, therefore violating the Personal Health Information Act ('PHIA'). In particular, the Ombudsman detailed that the investigation started from a report of a privacy breach from a trustee under the PHIA about one of its employees, but also from a complaint from the individual alleging that his privacy had been breached by the employee who had access to personal health information through her job.
Moreover, the Ombudsman noted that, upon completing the investigation, it laid the charges against the employee, and that the individual to whom the personal health information relates provided consent for the Ombudsman to disclose his information to Manitoba Prosecution Service for the purpose of consultation about the charges.
Lastly, the Ombudsman highlighted that the maximum penalty for each offence under the PHIA is $50,000 and that a court date for this matter has not yet been set.
You can read the press release here.