Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Search in posts
Search in pages
Home » Media Releases » Winnipeg Regional Health Authority addresses PHIA breach

Media Release

Winnipeg Regional Health Authority addresses PHIA breach

Winnipeg Regional Health Authority
Tuesday, May 1, 2018

The Winnipeg Regional Health Authority (WRHA) announced today that an extensive audit has confirmed a breach of the Personal Health Information Act (PHIA). A nurse with access to the emergency department information system (EDIS) for their work at one site accessed information inappropriately while working at Grace Hospital outside of the emergency department.

“Access to our emergency data information system is vital for nurses and staff working within the emergency department to ensure they have access to and can share information about the provision of care at any point in their shift,” said Lori Lamont, acting chief operating officer for the WRHA. “The only time that information may be used outside of the emergency department, however, is for patient transfers – which did not occur in this instance.”

A concern about this employee’s use of personal health information was first raised on March 12, 2018 and a manager told the individual to stop accessing the information unnecessarily. A thorough audit was initiated and was completed April 9, 2018 and identified that 1,756 individuals were affected.

During the audit process it was determined there is no evidence that any individual was targeted specifically and that no other hospital information systems were accessed inappropriately. The individual had up-to-date training for the use and access of personal health information and was aware of their obligations under PHIA. The individual has indicated they have not kept or retained any information from these searches and there is no evidence any reports were printed.

“We are contacting all individuals who were affected and encourage them to connect back with our privacy office should they have any concerns or questions about the information they receive,” said Lamont. “We are very sorry for the distress this breach may cause any individuals, who will receive notification in the coming weeks.”