Office of the Information and Privacy Commissioner
January 18, 2017

Commissioner Releases Privacy Breach Notification Statistics October 1 - December 31, 2016

In our most recent reporting period (October 1 to December 31, 2016), the OIPC received 52 privacy breach reports from 21 public bodies under the ATIPPA, 2015. This is up from the 41 reports from 15 public bodies received in the second quarter of 2016/2017. The two intentional breaches in this period involved inappropriate/unauthorized access to a database.

Privacy breach reports to the Commissioner are used primarily to allow the OIPC to advise public bodies about the breach response process, to discuss ways to avoid similar breaches and also to target specific issues or public bodies for privacy training. If you want the OIPC to deliver training regarding privacy breaches, or any other topic relating to access or privacy, contact our Office to arrange a time.

Summary by Public Body
Advanced Education, Skills and Labour5
Central Health Integrated Health Authority1
City of Corner Brook1
City of St. John's1
College of the North Atlantic5
Department of Children, Seniors and Social Development2
Department of Finance2
Department of Justice and Public Safety2
Department of Municipal and Intergovernmental Affairs1
Eastern Health4
House of Assembly1
Memorial University of Newfoundland3
Multi-Materials Stewardship Board1
Newfoundland and Labrador English School District3
Newfoundland and Labrador Housing Corporation3
Office of the Public Trustee1
Public Service Commission1
Royal Newfoundland Constabulary1
Service NL10
Western Integrated Health Authority1
Workplace NL3
Summary by Breach Type
In Person5
Intentional (i.e. willful breach)2
Mail Out20

- 30 -

Media contact:

Donovan Molloy, Q.C.
Information and Privacy Commissioner

2017 01 18                              1:30 p.m.