FEATURE: CYBERSECURITY
In a desperate attempt to contain the damage, LifeLabs admitted it had paid a ransom to try to get the stolen data back. But the damage went far beyond dollars. What really made the situation more unsettling was where the data had been stored – on servers in the United States.
That meant Canadian patients’ most private medical information wasn’ t just governed by Canadian privacy laws. It was also open to US jurisdiction and surveillance. For anyone who assumed their data was safely tucked away under Canadian protection, this was a harsh reality check.
The privacy commissioners of Ontario and B. C. later ruled that LifeLabs had failed to protect this highly sensitive information. Their decision was clear: patients had been let down.
And for Canada’ s healthcare sector, the message was equally clear. Data sovereignty could no longer be treated as an afterthought. Where data lives and who
38 INTELLIGENTCIO NORTH AMERICA www. intelligentcio. com