In November 2020, our CFFM FHT was subject to a Ransomware attack.
All files that were on our main system, not in our Electronic Medical Record, were locked. Nothing in the electronic medical record system that we use was involved. Some patients who have been with our physicians prior to 2005 may have old paper “charts” that were converted to files that were stored on our network where the Ransomware took place.
After our investigation, we do not believe that any files were taken, however we cannot be 100% sure. We believe the files were just locked in an attempt to collect a ransom from us.
We have extensive back-up systems in place, so no information has been lost and everything is restored. We have put in place many enhanced security measures to prevent another ransomware attack, such as additional training for staff, upgrading of all computers and enhanced server policies to lockdown systems if any ransomware is detected earlier.
If you have any concerns, you may reach Jenn Metzloff, Privacy Officer at 519 783 0020 ext 3076. You are also able to make a complaint directly with the IPC.
2 Bloor Street East / 2 rue Bloor Est . Suite 1400. Toronto, Ontario M4W 1A8
The Ministry of Health and Long-Term Care and the Office of the Privacy Commissioner stipulate that all Family Health Teams must be in compliance with Provincial Privacy Legislation, specifically Bill 31: The Personal Health Information Protection Act (PHIPA), which came into effect on November 1, 2004. This is The Centre for Medicine, Family Health Team’s (CFFM) Privacy Statement.
The Physicians and Staff at The Centre for Family Medicine are bound by law and ethics to safeguard your privacy and the confidentiality of your personal information.
We collect, use and disclose your personal health information to:
Your request for care implies consent for our collection, use and disclosure of your personal information for purposes related to your care as noted above. All other purposes would require your express consent.
We may share your health information with other healthcare providers who also provide health care to you. We may a times obtain personal health information or share personal health information about you through a provincial repository in order to provide timely, informed health care to you.
You have the right at any time to withhold or withdraw your consent to disclose personal health information. You will be required to sign the appropriate form which will be forwarded to the Privacy Officer.
519-783-0020 ext 3076