Office of the Information and Privacy Commissioner
January 18, 2017

Commissioner Releases Privacy Breach Notification Statistics October 1 - December 31, 2016

In our most recent reporting period (October 1 to December 31, 2016), the OIPC received 52 privacy breach reports from 21 public bodies under the ATIPPA, 2015. This is up from the 41 reports from 15 public bodies received in the second quarter of 2016/2017. The two intentional breaches in this period involved inappropriate/unauthorized access to a database.

Privacy breach reports to the Commissioner are used primarily to allow the OIPC to advise public bodies about the breach response process, to discuss ways to avoid similar breaches and also to target specific issues or public bodies for privacy training. If you want the OIPC to deliver training regarding privacy breaches, or any other topic relating to access or privacy, contact our Office to arrange a time.

Summary by Public Body
Advanced Education, Skills and Labour	5
Central Health Integrated Health Authority	1
City of Corner Brook	1
City of St. John's	1
College of the North Atlantic	5
Department of Children, Seniors and Social Development	2
Department of Finance	2
Department of Justice and Public Safety	2
Department of Municipal and Intergovernmental Affairs	1
Eastern Health	4
House of Assembly	1
Memorial University of Newfoundland	3
Multi-Materials Stewardship Board	1
Newfoundland and Labrador English School District	3
Newfoundland and Labrador Housing Corporation	3
Office of the Public Trustee	1
Public Service Commission	1
Royal Newfoundland Constabulary	1
Service NL	10
Western Integrated Health Authority	1
Workplace NL	3

Summary by Breach Type
Email	16
Fax	3
In Person	5
Intentional (i.e. willful breach)	2
Mail Out	20
Other	6

- 30 -

Media contact:

Donovan Molloy, Q.C. Information and Privacy Commissioner 709-729-6309

2017 01 18                              1:30 p.m.