Click here to close now.


News Feed Item

Protecting Canadians' Personal Information at HRSDC

OTTAWA, ONTARIO -- (Marketwire) -- 01/11/13 -- The Honourable Diane Finley, Minister of Human Resources and Skills Development, has issued the following statement regarding the loss of an external hard drive from an HRSDC office in Gatineau, Quebec which contained personal information of 583,000 Canada Student Loans Program borrowers between 2000-2006:

Full details are available in the attached backgrounder.

"I want all Canadians to know that I have expressed my disappointment to departmental officials at this unacceptable and avoidable incident in handling Canadians' personal information. As a result, I have directed that departmental officials take a number of immediate actions to ensure that such an unnecessary situation does not happen again.

"The department will be making every effort to contact the individuals whose information was lost. This includes direct notification to those for whom we have current contact information. I am releasing all details on the breach publicly and we will be working with a number of external partners to ensure that Canadians are made aware of the data loss. The Department is continuing its investigation. The Office of the Privacy Commissioner has been consulted. My office has engaged the Royal Canadian Mounted Police on this matter, given its serious nature.

"I have requested that HRSDC employees across Canada receive comprehensive communications on the seriousness of these recent incidents and that they participate in mandatory training on a new security policy to ensure that similar situations do not occur again. Further, I have instructed that the new policy contain disciplinary measures that will be implemented for staff, up to and including termination, should the strict codes of privacy and security not be followed.

"On behalf of our Government, I want to reassure Canadians that we are serious about protecting their personal information. As Minister, I will ensure that every effort is taken so that HRSDC meets the expectations of Canadians in keeping their information safe and secure."

This news release is available in alternative formats on request.

Follow us on Twitter



In late 2012, the department of Human Resources and Skills Development Canada (HRSDC) informed the Office of the Privacy Commissioner of the loss of a USB key, which contained the personal information of over 5,000 Canadians.

--  While reviewing this incident, departmental officials learned of a
    subsequent serious loss of Canadians' personal information.

--  Although the search is ongoing, an external hard drive has been deemed
    lost from an HRSDC office in Gatineau, Quebec. 

--  The Department is continuing its investigation. The Office of the
    Privacy Commissioner has been consulted. The office of the Minister has
    engaged the Royal Canadian Mounted Police on this matter, given its
    serious nature. 

Details regarding loss of the hard drive

--  A hard drive containing personal information on 583,000 Canada Student
    Loans borrowers dated from 2000-2006 has been deemed lost at an HSRDC
    office in Gatineau, Quebec, although the search is ongoing.

--  The file contained information including student names, dates of birth,
    Social Insurance Numbers, addresses and student loan balances from
    recipients across the country (except Quebec, Nunavut and the Northwest
    Territories as they manage their own student loan programs).

--  Personal contact information of 250 HRSDC employees was also on the hard

--  No banking or medical information was included on the drive.

--  The client information was saved onto an external hard drive as a back-
    up storage option.

Timeline of events

--  November 5, 2012: A HRSDC employee discovered that an external hard
    drive was missing. Search efforts began. 

--  November 28: The Departmental Security Officer was notified.  
--  December 6: Discovery that personal information of Canada Student Loans
    Program clients was on the hard drive. 

--  December 14: The Office of the Privacy Commissioner was notified. 

--  January 7: The incident was referred to the Royal Canadian Mounted

--  January 11: Canadian public was informed of the incident. 

Process for inquiries and more information

HRSDC is sending letters to individuals affected, for whom we have current contact information, to advise them of the incident and what steps to take to help protect their personal information.

A toll-free number has been set-up at 1-866-885-1866 (or 416-572-1113 for those outside of North America) for individuals to verify if they are affected by this incident, and to ask additional questions regarding this issue. Hours of operation will be 8:00 a.m.-8:00 p.m. (EST), 7 days a week, starting Monday, January 14, 2013, for as long as needed.

People with a hearing or speech impairment and using a teletypewriter (TTY) can call 1-800-263-5883. Hours of operation will be 8:00 a.m. -8:00 p.m. (EST), 7 days a week, starting Monday, January 14, 2013, for as long as needed.

All details on this incident and how Canadians can protect their personal information are available at

New HRSDC policy for storing secure information

The Minister has directed that the overall policy for security and storage of personal information at HRSDC be strengthened and improved. The highlights are:

--  New, stricter protocols to be implemented immediately. Portable hard
    drives are no longer permitted. Unapproved USB keys are not to be
    connected to the network;

--  Immediate risk assessments of all portable security devices used in the
    Department's work environment to ensure that appropriate safeguards are
    in place; these assessments will continue on a regular, ongoing basis;

--  Mandatory training for all employees regarding the proper handling of
    sensitive information, including personal information;

--  Implement new data loss prevention technology, which can be configured
    to control or prevent the transfer of sensitive information;

--  Disciplinary measures that will be implemented for staff, up to and
    including termination, should the strict codes of privacy and security
    not be followed.

Alyson Queen
Office of Minister Finley

Media Relations Office
Human Resources and Skills Development Canada

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
As more intelligent IoT applications shift into gear, they’re merging into the ever-increasing traffic flow of the Internet. It won’t be long before we experience bottlenecks, as IoT traffic peaks during rush hours. Organizations that are unprepared will find themselves by the side of the road unable to cross back into the fast lane. As billions of new devices begin to communicate and exchange data – will your infrastructure be scalable enough to handle this new interconnected world?
This week, the team assembled in NYC for @Cloud Expo 2015 and @ThingsExpo 2015. For the past four years, this has been a must-attend event for MetraTech. We were happy to once again join industry visionaries, colleagues, customers and even competitors to share and explore the ways in which the Internet of Things (IoT) will impact our industry. Over the course of the show, we discussed the types of challenges we will collectively need to solve to capitalize on the opportunity IoT presents.
SYS-CON Events announced today that Sandy Carter, IBM General Manager Cloud Ecosystem and Developers, and a Social Business Evangelist, will keynote at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA.
Saviynt Inc. has announced the availability of the next release of Saviynt for AWS. The comprehensive security and compliance solution provides a Command-and-Control center to gain visibility into risks in AWS, enforce real-time protection of critical workloads as well as data and automate access life-cycle governance. The solution enables AWS customers to meet their compliance mandates such as ITAR, SOX, PCI, etc. by including an extensive risk and controls library to detect known threats and b...
Containers are all the rage among developers and web companies, but they also represent two very substantial benefits to larger organizations. First, they have the potential to dramatically accelerate the application lifecycle from software builds and testing to deployment and upgrades. Second they represent the first truly hybrid-approach to consuming infrastructure, allowing organizations to run the same workloads on any cloud, virtual machine or physical server. Together, they represent a ver...
DevOps Summit, taking place at the Santa Clara Convention Center in Santa Clara, CA, and Javits Center in New York City, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait...
Overgrown applications have given way to modular applications, driven by the need to break larger problems into smaller problems. Similarly large monolithic development processes have been forced to be broken into smaller agile development cycles. Looking at trends in software development, microservices architectures meet the same demands. Additional benefits of microservices architectures are compartmentalization and a limited impact of service failure versus a complete software malfunction....
DevOps and Continuous Delivery software provider XebiaLabs has announced it has been selected to join the Amazon Web Services (AWS) DevOps Competency partner program. The program is designed to highlight software vendors like XebiaLabs who have demonstrated technical expertise and proven customer success in DevOps and specialized solution areas like Continuous Delivery. DevOps Competency Partners provide solutions to, or have deep experience working with AWS users and other businesses to help t...
SYS-CON Events announced today the Containers & Microservices Bootcamp, being held November 3-4, 2015, in conjunction with 17th Cloud Expo, @ThingsExpo, and @DevOpsSummit at the Santa Clara Convention Center in Santa Clara, CA. This is your chance to get started with the latest technology in the industry. Combined with real-world scenarios and use cases, the Containers and Microservices Bootcamp, led by Janakiram MSV, a Microsoft Regional Director, will include presentations as well as hands-on...
The last decade was about virtual machines, but the next one is about containers. Containers enable a service to run on any host at any time. Traditional tools are starting to show cracks because they were not designed for this level of application portability. Now is the time to look at new ways to deploy and manage applications at scale. In his session at @DevOpsSummit, Brian “Redbeard” Harrington, a principal architect at CoreOS, will examine how CoreOS helps teams run in production. Attende...
As operational failure becomes more acceptable to discuss within the software industry, the necessity for holding constructive, actionable postmortems increases. But most of what we know about postmortems from "pop culture" isn't actually relevant for the software systems we work on and within. In his session at DevOps Summit, J. Paul Reed will look at postmortem pitfalls, techniques, and tools you'll be able to take back to your own environment so they will be able to lay the foundations for h...
SYS-CON Events announced today that Super Micro Computer, Inc., a global leader in high-performance, high-efficiency server, storage technology and green computing, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Supermicro (NASDAQ: SMCI), the leading innovator in high-performance, high-efficiency server technology is a premier provider of advanced server Building Block Solutions® for Data ...
The Internet of Things (IoT) is growing rapidly by extending current technologies, products and networks. By 2020, Cisco estimates there will be 50 billion connected devices. Gartner has forecast revenues of over $300 billion, just to IoT suppliers. Now is the time to figure out how you’ll make money – not just create innovative products. With hundreds of new products and companies jumping into the IoT fray every month, there’s no shortage of innovation. Despite this, McKinsey/VisionMobile data...
DevOps has often been described in terms of CAMS: Culture, Automation, Measuring, Sharing. While we’ve seen a lot of focus on the “A” and even on the “M”, there are very few examples of why the “C" is equally important in the DevOps equation. In her session at @DevOps Summit, Lori MacVittie, of F5 Networks, will explore HTTP/1 and HTTP/2 along with Microservices to illustrate why a collaborative culture between Dev, Ops, and the Network is critical to ensuring success.
The IoT market is on track to hit $7.1 trillion in 2020. The reality is that only a handful of companies are ready for this massive demand. There are a lot of barriers, paint points, traps, and hidden roadblocks. How can we deal with these issues and challenges? The paradigm has changed. Old-style ad-hoc trial-and-error ways will certainly lead you to the dead end. What is mandatory is an overarching and adaptive approach to effectively handle the rapid changes and exponential growth.