Obviously there’s a political agenda here, but it’s curious I hadn’t heard about any breach until I read this press release. There is no notice on the Ontario PSW site concerning any breach:
Concerns and questions are mounting over the lack of provincial government action and oversight following a serious security breach at an employer-run online registry containing the names, employment and personal information of 25,000 personal support workers (PSWs). Two police forces and fraud investigators are now on the case.
All Ontario PSWs working in home care, long-term care and hospitals will soon be mandated to register with the [Ontario] Personal Support Worker Registry as a condition of employment.
Recently PSWs were alerted that their personal data on the Registry had been compromised by an “unauthorized user”. Since the security breach, PSWs have been targeted by telephone solicitations attempting to extract “registration” fees and payments for insurance coverage. There are no such fees associated with the PSW Registry, which has been online since June 2012.
The Canadian Union of Public Employees (CUPE) Ontario and CUPE’s Ontario Council of Hospital Unions (OCHU) opposed the ministry of health’s promotion of the Registry, as established, for several key reasons. CUPE’s concerns included the lack of government oversight and the seemingly inadequate policies and procedures for keeping PSWs’ information secure and confidential. CUPE, which represents over 20,000 PSWs province-wide also opposed the Registry being set up as a private, unaccountable, employer-managed organization.
Today CUPE called for:
- The health minister to prevent the Registry from accepting new registrants until the ministry publicly certifies that the Registry has adequate policies, procedures, and staff training in place to ensure the privacy of registrants in the future.
- The PSW Registry to cease accepting new registrants until there is a full independent investigation of the privacy policies and procedures in place at the Registry and the investigation findings made public.
- An external, independent, and expert assessment of the breach and the Registry’s privacy policies, procedures, and staff training and that the findings be made public and sent to all existing registrants.
“Committed and caring PSWs should not be subjected to an insecure system, one that exposes them to the risk of having their personal information taken by an unauthorized user, demanding money from them. The actions taken by the Registry to protect PSWs are inadequate and the province must step-in. The minister has a responsibility to protect the privacy rights of these health care workers,” says Fred Hahn, president of CUPE Ontario.
The security breach “deepens our concerns about the need and merit of this Registry, considerably,” says Michael Hurley, president of OCHU. The health minister clearly knows that Ontario’s home care system leaves tens of thousands of PSWs with inconsistent, irregular and inadequate work hours. This privacy breach puts PSWs in an even more vulnerable situation.”
SOURCE: Cupe Communications