The province’s privacy commissioner has found that Medicentres contravened the province’s Health Information Act (HIA) when they failed to protect the privacy of more than 600,000 Albertans.
The investigation was launched in January after a laptop with unencrypted personal health information of 621,884 patients was stolen in September.
The laptop contained the names, dates of birth, provincial health card numbers, billing codes and diagnostic codes of the individuals seen at Medicentres between May 2, 2011, and Sept. 10, 2013.
Privacy Commissioner Jill Clayton concluded that “Medicentres contravened the HIA by failing to consider privacy risks and by failing to take reasonable steps to safeguard health information on a laptop computer.â€
Clayton also found Medicentres did not provide guidance to the contracted IT consultant regarding the protection of health information.
As of Friday, Medicentres has not accepted the investigation recommendations.