The private details of around 34,000 individuals who use medical marijuana have been accessed through a medical database controlled by Sunniva Inc.’s Natural Health Services Ltd in Canada.
Patients of the health company were notified last week about the data breach, which took place between December 4th and January 7th of this year.
It is not thought that financial details, credit card information or social insurance numbers were among the data exposed, as such items are not collected from patients.
Diamond and Diamond, a personal injury company said that it may open a class-action lawsuit against Sunniva and Natural Health Services, adding that diagnostic outcomes, health-care numbers and personal contact data had, in-fact, been caught up in the breach.
The firm has been collaborating with data protection and enforcement agencies in Canada to look into the breach and formulate an appropriate response.
Natural Health Services president, Dr. Mark Kimmins said:
“We value our patients and understand the importance of protecting personal information and apologize to the patients whose personal information has been improperly accessed and for any frustration or inconvenience that this may cause,” stated NHS president Dr. Mark Kimmins.
European Data Protection Summit will take place on June 3rd in Central London and will play host to 800 DPO’s, Security Professionals and senior business decision makers looking for; information, updates, clarity, advice and solutions. For more information, visit the website.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.