Insertion of computer virus suspected in Manitoba health region privacy breach

BRANDON, Man. -- More than 1,500 patients and staff have been notified of a privacy breach at a regional health authority that covers a large area of western Manitoba.

The website breach was discovered April 5 at Brandon-based Prairie Mountain Health.

The data involved patient information regarding ambulance transportation records by emergency medical services staff from 2013 to this year.

Penny Gilson, the health region's CEO, says in a statement that they believe the intent of the hack was not to access information, but to transmit a virus that would infect website files.

Gilson says the information involved could not be easily extracted for further use, was limited to select files and would have required searching individual files and transferring, in the case of client information, handwritten information.

Written notifications were sent out to the affected RHA and affiliated staff on April 6, while letters to affected patients were sent from April 12 until approximately May 19 as current contact information was confirmed.

Gilson said 1,176 clients and 453 Prairie Mountain Health and affiliated employees in the northern part of the RHA are at-risk.

"Any time there has been a compromise of personal or personal health information, we remain concerned," she said.

"Although the likelihood is low, based on how this information was stored on the site, we cannot exclude the possibility that identifiable personal and personal health information may have been, at minimum, viewed by the attacker, and or copied." (Winnipeg Free Press)