Employee privacy not taken seriously, says lawyer Bob Buckingham
A St. John's lawyer is offering to represent thousands of Eastern Health employees whose privacy was breached as a result of a missing USB flash drive.
Bob Buckingham says information contained on the missing flash drive — thousands of employee identification numbers, names and social insurance numbers — means employees are an easy target for identify theft, if the USB fall into the wrong hands.
"The implications can be catastrophic for individuals and extremely damaging overall for various aspects of the economy," Buckingham said in an interview on CBC's On The Go.
If you have been affected please contact our office <a href="https://twitter.com/hashtag/privacybreach?src=hash">#privacybreach</a> <a href="https://t.co/WUXrx03zVN">https://t.co/WUXrx03zVN</a>
—@WeMakeJustice
Buckingham said the private information, if leaked, could result in false identities being created across the country, as well as internationally.
"People using it to apply for false passports, access to government agencies for funding — there are all sorts of horror stories out there where people have used private information to essentially damage people and then an individual has to spend time, effort, energy and money to correct that situation."
Buckingham is part of a legal team currently representing more than 600,000 clients who have had their personal information lost by Canada Student Loans. That case has been ongoing since 2013.
He's also involved in three breaches of privacy cases, involving employees of Western Health, Central Health and Eastern Health who are believed to have improperly accessed patient's information.
- Privacy breach lawsuit launched against Western Health
- Central Health facing privacy breach of patients' records
- Eastern Health privacy breach triggers lawsuit
In total, 9,000 employees have been affected by the privacy breach. Buckingham said personal information such as one's date of birth, social insurance number and place of work are just what a fraudster needs to fabricate documents.
"That's the start of being able to establish a new identity for someone," he said.
'A collective irresponsibility'
Buckingham said he was disappointed to hear the information stored on Eastern Health's USB drive wasn't encrypted.
"People are being too lackadaisical with respect to protecting privacy … and then that grows into a collective irresponsibility of not seeing it as important, and [not] hammering home the need to have checks and balances in place."
Buckingham advises concerned Eastern Health employees, past and present, to have a credit check — and he thinks the health authority should pay for it.
However, he warns that credit checks don't catch fraudsters who use stolen information to apply for jobs, rent properties, apply for a passport or a mobile phone.
Buckingham said some of the employees involved have already contacted him, looking for guidance.
"At this stage it's not outrage … at this stage it's concern and upset," he said.
"They want to know what they can do to protect themselves and they want to know where things are going from here because they don't have a lot of information. A lot of people are calling me, wondering what they can do."