Privacy breaches following the Lapu Lapu Day Festival - DataBreaches.Net

Privacy breaches following the Lapu Lapu Day Festival - DataBreaches.Net

Briefly

"Between April 30, 2025 and June 20, 2025 the OIPC received breach notifications from the Vancouver Coastal Health Authority (VCH), the Fraser Health Authority (FHA), Providence Health Care (PHC), and the Provincial Health Services Authority (PHSA) for privacy breaches associated with the tragedy that occurred at the Lapu Lapu Day festival on April 26, 2025. These incidents involved intentional, unauthorized access to patient personal information - often referred to as "snooping"- by employees."

"Half of the individuals who received care at medical facilities following the tragedy subsequently had their privacy breached. In total, 71 snooping incidents on the medical records of 16 individuals were reported. These breaches were committed by 35 employees of the health authorities and PHC, in one other case, by an assistant at a physician's office who had access to an FHA electronic medical records system. In most cases, these employees invaded individuals' privacy to satisfy their own curiosity."

"Snooping is illegal, unethical, and an egregious and intentional invasion of our privacy. These actions lead to negative outcomes for all involved. It is an affront to our dignity and autonomy in terms of being able to keep our health information private. It also breaks trust with those in health care that are serving us in a time of need. It could not be simpler: providing care for individuals also means respecting their privacy."