Search

Displaying 1 - 20 of 44

Toronto Public Library cyberattack: A wake-up call for stronger security

Toronto Public Library cyberattack: A wake-up call for stronger security … Case of Note: File MR23-00112 Background In November 2023, the Toronto Public Library (TPL) reported a cybersecurity breach to the Office of the Information and Privacy Commissioner of Ontario (IPC). The breach, which …

Resource

- Published on March 14, 2025

Ensuring secure disposal of health records: Out of sight is not out of mind!

Ensuring secure disposal of health records: Out of sight is not out of mind! … Case of Note: PHIPA Decision 266 Background A complaint was brought to the Information and Privacy Commissioner of Ontario (IPC) alleging that a health clinic had failed to securely dispose of records of personal health …

Resource

- Published on February 10, 2025

Toronto Public Library Cyberattack: Importance of reasonable security measures and notifying affected individuals under MFIPPA

Toronto Public Library Cyberattack: Importance of reasonable security measures and notifying affected individuals under MFIPPA … A cyberattack on the Toronto Public Library exposed vulnerabilities in its systems that contained a significant number of individuals’ personal information. Read the …

Resource

- Published on December 19, 2024

Joint Investigation into LifeLabs Data Breach

Joint Investigation into LifeLabs Data Breach … The joint investigation report concerning the 2019 cyberattack on LifeLabs’ computer systems was completed in June 2020. The Ontario Court of Appeal recently dismissed LifeLabs’ bid to block public release of the report. … Joint Investigation into …

Resource

- Published on November 25, 2024

Preventing health privacy breaches: Why training, policies, and confidentiality agreements matter

Preventing health privacy breaches: Why training, policies, and confidentiality agreements matter … Case of Note: PHIPA Decision 260 Background A public hospital was alerted to suspicious activity on a patient chart, and initiated an investigation, which included a targeted audit. The audit …

Resource

- Published on November 18, 2024

Reported Breach HR23-00282

Reported Breach HR23-00282 … A prescribed person under the Personal Health Information Protection Act reported a breach to the IPC regarding a cyberattack that involved the unauthorized copying of approximately 3.4 million individuals’ personal health information from the prescribed person’s secure …

Resource

- Published on August 14, 2024

Ransomware reality: Case study in health care cybersecurity and recovery

Ransomware reality: Case study in health care cybersecurity and recovery … Unfortunately, ransomware attacks are not an uncommon occurrence, especially in this era of rapidly advancing technologies. Bad actors use ransomware attacks to extract money and cause harm to others. As these types of …

Resource

- Published on July 18, 2024

Cyberattack response: Duty to notify individuals under PHIPA and CYFSA

Cyberattack response: Duty to notify individuals under PHIPA and CYFSA … Background The following decisions involved different cyberattacks against four different organizations. Three involved health information custodians (HICs) subject to the Personal Health Information Protection Act (PHIPA), …

Basic page

- Published on August 2, 2024

Ransomware reality: Case study in health care cybersecurity and recovery

Ransomware reality: Case study in health care cybersecurity and recovery … Case of Note: PHIPA Decision 249 Introduction Unfortunately, ransomware attacks are not an uncommon occurrence, especially in this era of rapidly advancing technologies. Bad actors use ransomware attacks to extract money and …

Basic page

- Published on July 18, 2024

Privacy Pursuit Lesson Plan - My Privacy, Your Privacy (Grades 7 – 8)

Privacy Pursuit Lesson Plan - My Privacy, Your Privacy (Grades 7 – 8) … Privacy Pursuit Lesson Plan - My Privacy, Your Privacy (Grades 7 – 8) …

Resource

- Published on April 20, 2023

Privacy Pursuit Lesson Plan - The Value of Privacy (Grades 6-7)

Privacy Pursuit Lesson Plan - The Value of Privacy (Grades 6-7) … Privacy Pursuit Lesson Plan - The Value of Privacy (Grades 6-7) …

Resource

- Published on April 20, 2023

Privacy Pursuit Lesson Plan - Protecting Your Privacy (Grades 4-5)

Privacy Pursuit Lesson Plan - Protecting Your Privacy (Grades 4-5) … Privacy Pursuit Lesson Plan - Protecting Your Privacy (Grades 4-5) …

Resource

- Published on April 20, 2023

Privacy Pursuit Lesson Plan - What is Privacy? (Grades 2-3)

Privacy Pursuit Lesson Plan - What is Privacy? (Grades 2-3) … Privacy Pursuit Lesson Plan - What is Privacy? (Grades 2-3) …

Resource

- Published on April 20, 2023

Special Reports

Special Reports … Special Reports …

Landing Page

- Published on May 10, 2024

Privacy Pursuit: Games and Activities for Kids

Privacy Pursuit: Games and Activities for Kids … Privacy Pursuit: Games and Activities for Kids …

Resource

- Published on September 23, 2021

Lesson Plan: Privacy Rights of Children and Teens

Lesson Plan: Privacy Rights of Children and Teens … Lesson Plan: Privacy Rights of Children and Teens …

Resource

- Published on June 18, 2018

Lesson Plan: Know the Deal: The Value of Privacy

Lesson Plan: Know the Deal: The Value of Privacy … Lesson Plan: Know the Deal: The Value of Privacy …

Resource

- Published on June 18, 2018

Lesson Plan: Getting the Toothpaste Back into the Tube: A Lesson on Online Information

Lesson Plan: Getting the Toothpaste Back into the Tube: A Lesson on Online Information … Lesson Plan: Getting the Toothpaste Back into the Tube: A Lesson on Online …

Resource

- Published on June 18, 2018

Investigation into Records Management Practices at TO2015

Investigation into Records Management Practices at TO2015 … Full report on the Commissioner's investigation into the records management practices of the Toronto Organizing Committee for the 2015 Pan American and Parapan American Games (TO2015). … Investigation into Records Management Practices at …

Resource

- Published on September 29, 2016

Crossing the Line: The Indiscriminate Disclosure of Attempted Suicide Information to U.S. Border Officials via CPIC

Crossing the Line: The Indiscriminate Disclosure of Attempted Suicide Information to U.S. Border Officials via CPIC … June 5, 2014: IPC Notice of Application for Judicial Review to the Toronto Police Service … Crossing the Line: The Indiscriminate Disclosure of Attempted Suicide Information to U.S. …

Resource

- Published on April 14, 2014