Latest news with #OfficeoftheInformationandPrivacyCommissionerofOntario
Hamilton Spectator
27-06-2025
- Health
- Hamilton Spectator
Ontario investigating alleged data breach of 200,000 home care patients' info
TORONTO - Ontario is investigating an alleged breach of 200,000 home care patients' personal health data, Health Minister Sylvia Jones said Friday. Liberal health critic Adil Shamji said he has unearthed information that an Ontario Health atHome data breach affecting at least 200,000 patients occurred in mid-March and was never disclosed to the public. 'I remain significantly, significantly concerned that there is an urgent, clear and present risk to Ontario home care patients that deserve to know that sensitive personal health information has been compromised of theirs and specifically has not been disclosed,' Shamji said. He did not reveal how he knows about the alleged breach, but has asked the information and privacy commissioner to investigate. Ontario Health atHome is responsible for co-ordinating in-home and community-based care. Shamji said about one-third of all home care patients in the province have been affected. He wrote to Information and Privacy Commissioner of Ontario Patricia Kosseim last week and again on Friday outlining his concerns. Kosseim wrote back to Shamji on Friday, saying her office is looking into the matter. 'I can confirm the Office of the Information and Privacy Commissioner of Ontario has received a report of a privacy breach that aligns with the circumstances and date described in your letter,' Kosseim wrote. The province says Ontario Health atHome is investigating one particular vendor that held that data and whether private information was taken. 'Ontario Health and Ontario Health atHome will notify if there has been any form of breach to individual patients,' Jones said. Premier Doug Ford said the province will get to the bottom of it. 'We will find out where the gap is and why it wasn't brought to our attention a lot earlier,' he said. Ford said the matter is personal to him, after his and his brother Rob Ford's medical information was breached in 2014. 'Anyone who breaches health-care records needs to be fired immediately,' Ford said. This report by The Canadian Press was first published June 27, 2025. Error! Sorry, there was an error processing your request. There was a problem with the recaptcha. Please try again. You may unsubscribe at any time. By signing up, you agree to our terms of use and privacy policy . This site is protected by reCAPTCHA and the Google privacy policy and terms of service apply. Want more of the latest from us? Sign up for more at our newsletter page .
Yahoo
24-06-2025
- Yahoo
Ontario's privacy commissioner issues guardrails for police using investigative genetic genealogy
TORONTO, June 24, 2025 /CNW/ - Today, the Office of the Information and Privacy Commissioner of Ontario (IPC) released guardrails for police use of investigative genetic genealogy. This first-in-Canada public resource marks an important step towards proper governance of this new and emerging technology. Investigative genetic genealogy (IGG) is a technique used by police to solve crimes. It involves using genetic data from crime scene samples and DNA databases to identify individuals through genetic matches, or partial matches to biological relatives. While IGG is a powerful tool for solving serious crimes, its use by police is currently not subject to any clear legislative framework. This raises real privacy and human rights concerns, especially for individuals who may become ensnared as part of a police investigation simply because they share DNA with someone else. "Investigative genetic genealogy has the power to crack cold cases, bring closure to victims' families, and even absolve the wrongfully convicted. But without clear legal rules, this new investigative tool can unduly broaden the scope of state surveillance and intrusion into the private lives of many innocent people." said Patricia Kosseim, Information and Privacy Commissioner of Ontario. "Until there is a clear law governing the use of this technology, my office is proposing a policy framework to help ensure police in Ontario use this technology responsibly and in a way that maintains public trust." While the IPC does not necessarily endorse police use of IGG, these guardrails serve as a tool to help police comply with their legal obligations and mitigate risks to privacy and human rights. The twelve guardrails cover: lawful authority, necessity and proportionality, accountability, third party procurement, data minimization, retention, data security, controls for surreptitious DNA collection, transparency, access, public consultation, and ethical disclosure guidelines. In developing these guardrails, the IPC consulted with a broad range of interested parties to ensure a diversity of voices and expertise, including: police services, government ministries, civil society and human rights organizations, academic researchers and lawyers, experts in forensic science, pathology, genomics and bioethics, First Nations technology leaders, as well as privacy, human rights, and victims' rights regulators. Guardrails for Police Use of Investigative Genetic Genealogy in Ontario is the latest in a series of practical resources for police related to Next-Generation Law Enforcement. Others include guidance on automated licence plate recognition, facial recognition, and body-worn cameras. Through the development of these guidance documents, the IPC aims to contribute to building public trust in law enforcement by working with relevant partners to develop the necessary guardrails for the adoption of new technologies that protect both public safety and Ontarians' access and privacy rights. Learn more: Guardrails for Police Use of Investigative Genetic Genealogy in Ontario Family ties: Using investigative genetic genealogy to solve crimes (Info Matters podcast episode) Release of personal information to police: your privacy rights Disclosure of personal information to law enforcement Law enforcement and surveillance technologies (IPC webcast) SOURCE Office of the Information and Privacy Commissioner/Ontario View original content to download multimedia:
Cision Canada
24-06-2025
- Cision Canada
Ontario's privacy commissioner issues guardrails for police using investigative genetic genealogy Français
TORONTO, /CNW/ - Today, the Office of the Information and Privacy Commissioner of Ontario (IPC) released guardrails for police use of investigative genetic genealogy. This first-in-Canada public resource marks an important step towards proper governance of this new and emerging technology. Investigative genetic genealogy (IGG) is a technique used by police to solve crimes. It involves using genetic data from crime scene samples and DNA databases to identify individuals through genetic matches, or partial matches to biological relatives. While IGG is a powerful tool for solving serious crimes, its use by police is currently not subject to any clear legislative framework. This raises real privacy and human rights concerns, especially for individuals who may become ensnared as part of a police investigation simply because they share DNA with someone else. "Investigative genetic genealogy has the power to crack cold cases, bring closure to victims' families, and even absolve the wrongfully convicted. But without clear legal rules, this new investigative tool can unduly broaden the scope of state surveillance and intrusion into the private lives of many innocent people." said Patricia Kosseim, Information and Privacy Commissioner of Ontario. "Until there is a clear law governing the use of this technology, my office is proposing a policy framework to help ensure police in Ontario use this technology responsibly and in a way that maintains public trust." While the IPC does not necessarily endorse police use of IGG, these guardrails serve as a tool to help police comply with their legal obligations and mitigate risks to privacy and human rights. The twelve guardrails cover: lawful authority, necessity and proportionality, accountability, third party procurement, data minimization, retention, data security, controls for surreptitious DNA collection, transparency, access, public consultation, and ethical disclosure guidelines. In developing these guardrails, the IPC consulted with a broad range of interested parties to ensure a diversity of voices and expertise, including: police services, government ministries, civil society and human rights organizations, academic researchers and lawyers, experts in forensic science, pathology, genomics and bioethics, First Nations technology leaders, as well as privacy, human rights, and victims' rights regulators.
Yahoo
12-06-2025
- Health
- Yahoo
Information and Privacy Commissioner urges government to close regulatory gaps and secure public trust
TORONTO, June 12, 2025 /CNW/ - Ontario's Information and Privacy Commissioner, Patricia Kosseim, is urging the provincial government to address regulatory gaps to better protect Ontarians' personal information from cybersecurity attacks, commercialization of children's data, and the use of AI technologies without clear rules or oversight. The call to action is outlined in the 2024 annual report of the Office of the Information and Privacy Commissioner of Ontario (IPC), From Vision to Impact: Five Years of Privacy and Transparency in a Digital Ontario, released today. The report also includes an appendix containing the IPC's findings and recommendations emerging from a series of access-to-information appeals involving the Greenbelt land removals. "In a world where trust is increasingly hard to come by, Ontarians deserve clear rules, strong safeguards, and full transparency from their institutions," said Commissioner Kosseim. "Whether it's how decisions are made, how personal data is used, or how emerging technologies are governed, our office will continue pushing for real accountability, because public trust is the foundation of a healthy democracy." Make AI and privacy laws work for OntariansThe IPC is urging the government to develop meaningful, enforceable regulations to address key legislative gaps left behind by Bill 194 that enacted the Enhancing Digital Security and Trust Act (EDSTA) and amended the Freedom of Information and Protection of Privacy Act (FIPPA). Specifically, the IPC is calling for: binding guardrails and independent oversight for public sector use of AI robust cybersecurity measures that protect Ontarians' sensitive information stronger and clearer protections for children's digital information amendments to the Municipal Freedom of Information and Protection of Privacy Act to match FIPPA changes. Failing to align the two laws risks creating confusion for institutions and frustration for Ontarians, who expect consistent privacy rights across all of Ontario's public sector Protect patient rights in a digital health systemEnsure that stronger accountability measures are embedded in the Personal Health Information Protection Act and that any future accompanying regulations strengthen meaningful access and protections for individuals' health information, rather than undermine them. Enabling greater access to the electronic health record system through digital health IDs may be a good thing, but not if the system lacks the necessary safeguards, clarity, and transparency. The IPC is calling on the government to retain individuals' full access rights to their health records, embed privacy-enhancing principles into the design of digital health IDs, and ensure strong governance and oversight, particularly when the provision of digital health services involves third-party vendors. Restore transparency and accountability in government decision-makingIn an appendix to its annual report, the IPC examines how the government handled a series of access to information requests related to the Greenbelt land removal decisions. The IPC identified several systemic issues, including: the use of personal devices and email accounts for government-related business, the use of code words that had the effect of frustrating FOI searches, the lack of proper documentation of key government decisions and poor information retention practices. These practices, if left unaddressed, risk undermining transparency and eroding public trust in government institutions. The IPC calls on the government to strengthen its record-keeping policies and practices, prohibit the use of personal accounts and devices for government-related business, regularly monitor for compliance, and codify a legal duty to document communications, decisions, and actions, as well as an explicit requirement for institutions to define and implement appropriate retention measures. The full 2024 annual report, including the Greenbelt appendix and key recommendations, is available on the IPC website. Additional resources: From Vision to Impact: Five Years of Privacy and Transparency in a Digital Ontario, 2024 Annual Report Statistical Report SOURCE Office of the Information and Privacy Commissioner/Ontario View original content to download multimedia: Error while retrieving data Sign in to access your portfolio Error while retrieving data Error while retrieving data Error while retrieving data Error while retrieving data
Cision Canada
12-06-2025
- Health
- Cision Canada
Information and Privacy Commissioner urges government to close regulatory gaps and secure public trust Français
TORONTO, June 12, 2025 /CNW/ - Ontario's Information and Privacy Commissioner, Patricia Kosseim, is urging the provincial government to address regulatory gaps to better protect Ontarians' personal information from cybersecurity attacks, commercialization of children's data, and the use of AI technologies without clear rules or oversight. The call to action is outlined in the 2024 annual report of the Office of the Information and Privacy Commissioner of Ontario (IPC), From Vision to Impact: Five Years of Privacy and Transparency in a Digital Ontario, released today. The report also includes an appendix containing the IPC's findings and recommendations emerging from a series of access-to-information appeals involving the Greenbelt land removals. "In a world where trust is increasingly hard to come by, Ontarians deserve clear rules, strong safeguards, and full transparency from their institutions," said Commissioner Kosseim. "Whether it's how decisions are made, how personal data is used, or how emerging technologies are governed, our office will continue pushing for real accountability, because public trust is the foundation of a healthy democracy." Make AI and privacy laws work for Ontarians The IPC is urging the government to develop meaningful, enforceable regulations to address key legislative gaps left behind by Bill 194 that enacted the Enhancing Digital Security and Trust Act (EDSTA) and amended the Freedom of Information and Protection of Privacy Act (FIPPA). Specifically, the IPC is calling for: binding guardrails and independent oversight for public sector use of AI robust cybersecurity measures that protect Ontarians' sensitive information stronger and clearer protections for children's digital information amendments to the Municipal Freedom of Information and Protection of Privacy Act to match FIPPA changes. Failing to align the two laws risks creating confusion for institutions and frustration for Ontarians, who expect consistent privacy rights across all of Ontario's public sector Protect patient rights in a digital health system Ensure that stronger accountability measures are embedded in the Personal Health Information Protection Act and that any future accompanying regulations strengthen meaningful access and protections for individuals' health information, rather than undermine them. Enabling greater access to the electronic health record system through digital health IDs may be a good thing, but not if the system lacks the necessary safeguards, clarity, and transparency. The IPC is calling on the government to retain individuals' full access rights to their health records, embed privacy-enhancing principles into the design of digital health IDs, and ensure strong governance and oversight, particularly when the provision of digital health services involves third-party vendors. Restore transparency and accountability in government decision-making In an appendix to its annual report, the IPC examines how the government handled a series of access to information requests related to the Greenbelt land removal decisions. The IPC identified several systemic issues, including: the use of personal devices and email accounts for government-related business, the use of code words that had the effect of frustrating FOI searches, the lack of proper documentation of key government decisions and poor information retention practices. These practices, if left unaddressed, risk undermining transparency and eroding public trust in government institutions. The IPC calls on the government to strengthen its record-keeping policies and practices, prohibit the use of personal accounts and devices for government-related business, regularly monitor for compliance, and codify a legal duty to document communications, decisions, and actions, as well as an explicit requirement for institutions to define and implement appropriate retention measures. The full 2024 annual report, including the Greenbelt appendix and key recommendations, is available on the IPC website.
