PIPEDA, or the Personal Information Protection and Electronic Documents Act, is a law in Canada that governs how organizations handle personal information in the course of their business. For healthcare clinics, adhering to PIPEDA is crucial because patient data is extremely sensitive, and protecting this information builds trust and ensures that clinics meet legal and ethical obligations.
A cautionary tale from a Toronto dentist shows why cybersecurity for dental clinics is critical. In fact, this applies to all healthcare organizations in Canada today. The clinic was hit with a ransomware demand of $150,000, but was saved because it had cybersecurity precautions in place. It goes to show that having good security hygiene, protocols and training in place can eliminate the ‘root canal’ pain for your business.
Regardless of the industry vertical your organization operates in, there is no getting away from compliance with the regulatory framework under which it operates. From the way in which personnel are onboarded (were there any kind of discriminatory actions during the selection process?), to the work conditions which must be adhered to (health and safety norms set by OSHA and others), to pay parity, there are numerous laws, regulations, rules, and professional standards which every organization, even those in healthcare, must abide by. Every organization that benefits from government programs needs to assure its integrity to stay out of OIG crosshairs.
Never was health information privacy as threatened as when the 75-year-old Rolling Stones star Mick Jagger visited the US to undergo a procedure on his heart. When even highly respected newspapers like the New York Times were detailing the kind of cardiac procedure which Mick Jagger had undergone, and how he was resting, you knew that both HIPAA and GDPR had gone for a toss.