Inadequate Security, Policies Led to LifeLabs Data Breach of 15M Patients
An audit into LifeLab’s 2019 massive data breach by B.C. and Ontario privacy commissioners found the testing giant collected more PHI than necessary and lacked adequate security policies and procedures to protect patient data.
Ontario and British Columbia Information and Privacy Commissioners have concluded LifeLabs failed to protect the personal health information of the 15 million patients impacted by its 2019 systems breach, due to its failure to implement reasonable security safeguards and policies.
While LifeLabs is a Canadian company, the audit findings can shed light on key areas US providers can focus to bolster their own security programs.
In December 2019, LifeLabs began notifying patients that its computer systems were...