Privacy Incident at St. Mary’s Involving Misplaced USB Stick

March 29th, 2019

St. Mary’s General Hospital has experienced a privacy incident related to a misplaced USB stick that contained patient postal codes, age, gender and generalized details of surgical procedures. After thorough analysis, St. Mary’s has concluded that the risk patient’s personal health information could be identified is very low.

Protecting patient privacy is a priority at St. Mary’s. The incident has been reported to the Information and Privacy Commissioner of Ontario and St. Mary’s continues to work closely with the team to ensure all requirements are met. Files did not contain names, street addresses, phone numbers, email addresses or any other information that could directly identify individual patients.

The misplaced data is limited to patients who received care from the Day Surgery Unit and Catheterization Lab during the time period of April 1, 2017 to March 31, 2018. St. Mary’s sincerely apologizes and regrets this incident. Measures were taken immediately to ensure a secure electronic portal is used to share information with the third party, rather than a USB stick, and that directly identifiable patient information is not shared.

Based on our review, we have concluded that the USB stick was most likely lost and not stolen for any inappropriate use. When we discovered the stick was missing, our team conducted an exhaustive search which ultimately proved unsuccessful in locating the USB stick.

If you have questions or concerns, please call Toll Free 1- 877-253-3662.