DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Ca: Adding injury to pain: patients' data on stolen drive (update2)

Posted on May 20, 2011 by Dissent

Lacombe police are investigating after a portable hard drive device was stolen from a medical clinic.

The hard drive contained back up copies of Alberta Health Services’ Central Alberta Pain & Rehabilitation Institute client records.

The device was the property of the Dr. Burnham & Associates Medical Clinic.

Read more on CTV.ca. The Lacombe Globe also covers the theft but does not add any details as to what kinds of data were on the stolen device.

Update: AHS has posted a news release on its site:

AHS program records impacted by private clinic break and enter
May 20, 2011

LACOMBE – The Dr. R. Burnham & Associates Medical Clinic in Lacombe has informed Alberta Health Services that a portable hard drive recently stolen from this clinic contained backup copies of Alberta Health Services’ Central Alberta Pain & Rehabilitation Institute (CAPRI) client records. The CAPRI program is co-located in the Dr. Burnham clinic.

Although there is no indication that data stored on this portable hard drive data has been accessed at this time, AHS is reminding CAPRI clients to be vigilant about their personal information following this theft.

Lacombe Police are investigating this break and enter. No hard copies of patient files were taken. This theft does not impact patient care.

The stolen hard drive – which was private property of the Dr. Burnham clinic, and not an AHS device – was password protected, but not encrypted. The password protection makes unauthorized access to information difficult to obtain; however, it is always advisable to remain alert to any unusual activity that may indicate personal information has been accessed or used. If you have concerns that your information has been accessed or used inappropriately, contact the Lacombe Police Service at 1-403-782-3279 and reference file number 2011-517249.

In addition to informing Alberta Health Services, Dr. Burnham’s clinic has also informed the Office of the Information & Privacy Commissioner of this theft, and is working collaboratively to ensure all clinic patients are aware of this incident.

Current and former CAPRI program clients can contact the clinic with any questions or concerns, Mondays through Thursdays, 8:30 a.m. to 4:30 p.m., toll-free, at 1-877-323-7116.

Lacombe Police asks that anyone with information pertaining to this theft please call Crime Stoppers at 1-800-222-TIPS.

Alberta Health Services is the provincial health authority responsible for planning and delivering health supports and services for more than 3.7 million adults and children living in Alberta. Its mission is to provide a patient-focused, quality health system that is accessible and sustainable for all Albertans.

Okay, but how about telling us what kinds of data were on the stolen drive – and exactly when it was stolen? And oh yes, how many patients were affected? I know, I know, this is Canada and there’s no mandatory notification of the kind I always like to see, but I can still ask….

Update 2: Okay, here we go, thanks to Pamela DiPinto the Edmonton Journal:

A portable hard drive containing backup copies of 1,000 Alberta Health Services’ Central Alberta Pain and Rehabilitation Institute client records was stolen recently from a clinic in Lacombe, the AHS revealed Friday. An unconfirmed number of non-AHS patients at the Lacombe clinic are also affected by the breach.

The stolen hard drive — containing clients’ names, birth dates, addresses, health care numbers and prescription information — was stolen from the Dr. R. Burnham and Associates Medical Clinic in Lacombe between closing Friday, May 6, and 7 p.m. Sunday, May 8, said AHS chief privacy officer Mike Tolfree.

Wayne Wood, information and privacy commissioner spokesperson, said their office was notified of the theft on May 16 and an investigation was launched. The Lacombe Police Service is also investigating the break and enter.

[…]


Related:

  • Two more entities have folded after ransomware attacks
  • Data breach feared after cyberattack on AMEOS hospitals in Germany
  • Premier Health Partners issues a press release about a breach two years ago. Why was this needed now?
  • Theft from Glasgow’s Queen Elizabeth University Hospital sparks probe
  • North Country Healthcare responds to Stormous's claims of a breach
  • Texas Enacts Electronic Health Record Data Localization Law
Category: Health Data

Post navigation

← FL: Two Sentenced in ID Theft and Credit Card Scheme Involving Flanigan’s Customers
Ca: Stolen hard drive contained pain patients’ sensitive information →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Honeywell vulnerability exposes building systems to cyber attacks
  • Recent public service announcements of note — parents should take special note of these
  • Au: Junior doctor faces fresh toilet spying charges as probe widens to other major hospitals
  • Average Brit hit by five data breaches since 2004
  • BlackSuit ransomware site seized as part of Operation Checkmate
  • The day after XSS.is forum was seized, it struggles to come back online — but is it really them?
  • U.S. nuclear and health agencies hit in Microsoft SharePoint breach
  • Russia suspected of hacking Dutch prosecution service systems
  • Korea imposes 343 million won penalty on HAESUNG DS for data breach of 70,000 shareholders
  • Paying cyberattackers is wrong, right? Should Taos County’s incident be an exception? (1)

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Indonesia asked to reassess data privacy terms in new U.S. trade deal
  • Meta Denies Tracking Menstrual Data in Flo Health Privacy Trial
  • Wikipedia seeks to shield contributors from UK law targeting online anonymity
  • British government reportedlu set to back down on secret iCloud backdoor after US pressure
  • Idaho agrees not to prosecute doctors for out-of-state abortion referrals
  • As companies race to add AI, terms of service changes are going to freak a lot of people out. Think twice before granting consent!
  • Uganda orders Google to register as a data-controller within 30 days after landmark privacy ruling

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.
Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report