Canadian DPA condemns data breach of Canadian laboratory testing company

According to Reuters, a joint report from privacy commissioners for the provinces of British Columbia (BC) and Ontario stated that the Canadian laboratory testing company LifeLabs has failed to adequately protect sensitive health information of millions of people, resulting in one of the biggest data breaches in Canada in 2019. Canada’s largest provider of specialty medical laboratory testing exposed in 2019 the data of more than 15 million customers, including names, addresses, e-mails, customer logins and passwords, health card numbers, and lab tests. The joint investigation revealed the company’s failure to implement reasonable safeguards to protect the personal health information of millions of Canadians, violated Ontario’s health privacy law, the Personal Health Information Protection Act (PHIPA), and BC’s Personal Information Protection Law (PIPA).