Bob Mackin
Three dozen healthcare workers were caught snooping 71 times on the confidential records of people injured or killed last April at a South Vancouver Filipino community festival.
In most cases, they did so to satisfy their own curiosity.
“They violated the privacy of those who had just been through a terrible and life-changing experience,” said the Office of the Information and Privacy Commissioner’s investigation report, released Feb. 18.
They also abused the trust of patients, employers and everyone who relies on the healthcare system to guard personal information, said Commissioner Michael Harvey.
Makeshift memorial near the scene of the April 26, 2025 Lapu Lapu Day vehicle ramming attack. (Mackin)
What happened
Adam Kai-Ji Lo was charged with second degree murder after he allegedly killed 11 people with an Audi sport utility vehicle at the April 26, 2025 block party.
Vancouver city hall did not deploy vehicle barriers to protect either end of the Filipino festival’s food truck row on 43rd near Fraser. A former police chief working in the city’s FIFA World Cup 26 hosting secretariat warned in 2024 that vehicle ramming attacks are security risk.
Harvey investigated after receiving privacy breach notifications from Vancouver Coastal, Fraser Health and Provincial Heath Services authorities, as well as Providence Health Care, between April 30 and June 20, 2025.
“Half of the individuals who received care at medical facilities following the tragedy subsequently had their privacy breached. In total, 71 snooping incidents on the medical records of 16 individuals were reported.”
Of the employees caught snooping, 15 were nurses and 13 administrative support workers.
Breach aftermath
The report said those caught snooping were disciplined, ranging from letters of expectation to firing. The majority of cases resulted in suspension and, in some cases, employees were reported to their respective regulator.
“Fraser Health notified two individuals and a representative of a deceased individual that their privacy had been breached and conveyed the steps that were being taken to prevent any further harms. Vancouver Coastal Health and PHSA, after assessing the risk of harm to individuals whose privacy was violated, initially took the position that notification was not required and could itself result in further harm.”
Harvey said the health authorities had “elaborate safeguards and procedures to predict, detect, and respond to snooping.”
He said the health authorities have accepted his nine recommendations, including “taking additional preventative measures to strengthen existing processes and ensure disciplinary measures clearly sanction and deter snooping.”
Subscribe to theBreaker.news on Substack. Find out how: Click here.
