A day after it was revealed 7,500 British Columbians had their medical information compromised as the result of a breach in the province’s prescription medication dispensing information system, the B.C. premier is speaking out saying anyone who is found to be responsible for the breach will lose their job.
Letters were sent out at the beginning of February indicating that there was a breach to the PharmaNet system, which carries personal information for British Columbians such as their full names, addresses, CareCard numbers and even medication history.
A statement released by the Ministry of Health on Wednesday suggested it became aware of “unusual PharmaNet activity” as early as last fall.
An investigation and an independent security review of PharmaNet are underway and police have been notified.
The investigation has affected 14 physicians and 7,500 individuals, who have had their basic profile viewed. Another approximately 80 individuals also had their recent medication history viewed.
Christy Clark says she is “profoundly disturbed” by the breach.
Clark says anyone in her government who is found to be responsible for the breach will face repercussions.
“If anyone in the government, anyone in the employ of the public service, anyone who gets their fees from the government is found to be responsible for this, they will be fired immediately,” Clark said. “Any further action that needs to be taken against them as an individual will be taken. This is a deeply concerning issue for all of us.”
WATCH: The B.C. government is admitting up to 7,500 people have had their personal information compromised after a security breach with the PharmaNet system. The NDP says the government isn’t doing enough to protect British Columbians.
Clark promised the investigation will be thorough.
“Everybody in this province wants to know that our health information is kept confidential,” she said. “There are very few things in your life as private as some of the details of the medication that you are taking and the illnesses you may have experienced. We have an absolute obligation to protect that for people.”
Clark says once the investigation is complete, the results will be made public. She says the people affected have been notified and will be kept up-to-date.
The ministry of health said it has begun to send letters to affected patients and doctors, notifying them of the breach and advising them of precautionary steps they can take to protect themselves from identify theft.
Health Minister Terry Lake was not available for comment when the story broke on Wednesday, but today Lake told reporters he is perplexed by the motivation behind the breach, given some people’s medication history was accessed.
He says the breach took place at four different physician offices. It appears no financial information was compromised, but they are dealing with the situation on an individual basis. Lake also confirmed the government was alerted to the breach by a vendor doing monthly audits for any strange online activity.
B.C.’s Acting Information and Privacy Commissioner Drew McArthur told Global News his office has gone through the process of mitigating the breach with the Ministry of Health.
“It took them several months to get the notification letters out,” McArthur said. “We would have preferred that they notified people earlier, so that people can start to take action to protect their personal information.”
Asked why the ministry took so long to warn those affected by the breach, the health minister said they wanted to make sure they were getting all their facts straight.
“We wanted to make sure we are being very accurate in terms of the information that we are giving out to patients, so they know exactly what was involved,” Lake said. “We had to do some work before we could notify people to try to understand the type of information that was being accessed as well as take steps to talk to physicians.”
This is not the first time the PharmaNet system has been breached. In 2014, about 1,600 people were affected by a privacy breach involving PharmaNet.
“We live in a world where electronic information is susceptible to people accessing it inappropriately,” Lake said. “I think it is a challenge of the 21st century. We need to be ever-vigilant and improve our processes.”
-With files from Jon Azpiri