Attempt to Extort Toronto Hospital Using Stolen Patient Data
| Attempt to Extort Toronto Hospital Using Stolen Patient Data | |
|---|---|
| Short Title | Medical Transcriptionist Tries to Extort Hospital Using Stolen Patient Data |
| Location | Canada |
| Date | October 2020 |
| Solove Harm | Insecurity, Interrogation |
| Information | Medical and Health, Identifying, Family |
| Threat Actors | A former employee, Toronto hospital |
| Individuals | |
| Affected | Toronto hospital patients |
| High Risk Groups | Medical Patient |
| Tangible Harms | |
A former third-party employee of a Toronto hospital steals patients personal information and tried using it to extort payment from the company.
Description
A former third-party employee has stolen personal information of roughly 150 patients of Toronto-based St. Michael’s Hospital. Allegedly he took them while on duty.
The transcribed clinical notes dictated by St. Michael’s physicians were allegedly used to extort payment from the company. Although the reports included no financial information or insurance numbers, the rogue employee allegedly stole sensitive patient data such as full names, medical and family history, diagnosis, treatment plans and medication.
This can be seen as Insecurity from the side of the hospital. The actions of the rogue employee can be seen as Interrogation.
Breakdown
Threat: Hospital not protecting patients data from being stolen
At-Risk group: Patients
Harm: Insecurity
Secondary Consequences: not known
Threat: Rogue third party employee probing medical records for personal information in order to use it to extort payment from the hospital
At-Risk group: Patients
Harm: Interrogation
Secondary Consequences: not known