AI Incident Database

Report 6796

Associated Incidents

Incident 8116 Report
AI-Powered Transcription Services Allegedly Leak Confidential Workplace Discussions

IPC response to hospital privacy breach involving an AI scribes tool
ipc.on.ca · 2025

October 27, 2025

VIA EMAIL

Dear Health Information Custodian:

RE: Reported Breach HR24-00691

On December 17, 2024, you reported a privacy breach under the Personal Health Information Protection Act (the Act) to the Office of the Information and Privacy Commissioner of Ontario (the IPC). The IPC opened File HR24-00691 to deal with this matter.

Overview of the Breach:

Circumstances of Breach

You reported that on September 23, 2024, a virtual hepatology rounds meeting attended by hospital physicians was inadvertently recorded by an artificial intelligence-powered transcription tool, Otter.ai (the "Transcription Tool" or "Tool").

You reported that the Transcription Tool is available on web browsers and as a mobile application. The Tool uses artificial intelligence to transcribe spoken words into text and is designed to allow users to obtain detailed meeting notes and summaries. It is capable of integrating with popular communications platforms like Zoom, Google Meet, and Microsoft Teams, and accessing meeting invitations stored in digital calendars. The Tool has not been approved for use at the hospital.

You reported that a former physician is the account holder of the Otter.ai account responsible for the recording. The physician left his employment with the hospital in June 2023. He installed Otter.ai on his personal device in September 2024.

Although the physician no longer worked for the hospital at the time of the breach, the Tool was able to access the rounds meeting invite via the physician's personal (non-work related) digital calendar because of two critical security gaps. First, the physician used his personal email address (rather than his work email address) in the meeting group, contrary to hospital policy. Second, the meeting organizer did not remove the physician from the meeting invite following his departure from the hospital in June 2023. As a result, the physician retained access to the meeting invite in his personal digital calendar for over a year after leaving the hospital.

Consequently, the Tool was able to join the September 23, 2024 hepatology rounds meeting via accessing the link to it in the physician's personal email calendar and record the meeting without notice. This was discovered when a meeting summary and access to a transcript of the recording was automatically emailed to participants after the meeting, including the account holder.

Tribunal Services Department, 2 Bloor Street East, Suite 1400, Toronto, Ontario, Canada M4W 1A8
Services de tribunal administratif, 2, rue Bloor Est, Bureau 1400, Toronto (Ontario) Canada M4W 1A8
Tel/Tél : (416) 326-3333 | 1 (800) 387-0073
TTY/ATS : (416) 325-7539
Web : www.ipc.on.ca

You reported that, to the best of the hospital's knowledge, this was the only hospital meeting invite in the physician's personal calendar that was accessed by the Tool.

Scope

You reported that during the meeting, the personal health information of seven patients was discussed amongst the meeting participants and captured in the transcript. These patients had been admitted to the hospital and were receiving treatment.

The personal health information involved in the breach included patient names, sex, physician's name, diagnoses, medical notes, and treatment information.

Containment:

You reported that to contain the breach, the hospital:

  • Cancelled the digital invite to the Transcription Tool so that it could not join any further meetings.

  • Identified the individuals who attended the meeting and/or received a copy of the email and instructed all copies of the email to be promptly and irretrievably deleted from all applicable systems and devices. You reported that of the 65 users on the recipient list, 53 responded confirming they either deleted the email or never received it. You advised that the remaining 12 individuals appear to have departed from the hospital.

  • Directed staff to remove the Tool and/or any similar tool from any devices that may have access to accounts affiliated with the hospital and communicated to all staff that only approved technology and applications may be used in association with hospital credentials and devices.

  • Instructed and received confirmation from the former physician that he removed all hospital related materials from his personal accounts, systems, and devices in accordance with internal policies.

  • Directed the physician to contact Otter.ai to request the deletion of the information recorded from the meeting. However, you advised that the physician did not respond to this request.

Notification:

You reported that five of seven affected individuals were notified of the breach by letter on December 17, 2024. The notice letters included the following details: the details and extent of the breach, the steps that were taken to address the breach, that the IPC was notified of the breach, that patients may make a complaint to the IPC and information on how to do so, and the contact information of the individual at the hospital who may be contacted for more information.

You advised that the other two affected individuals are deceased. For one of these individuals, the hospital provided a copy of the notice letter to their estate trustee. For the other, there is no known estate trustee. Accordingly, you uploaded a copy of the notice letter to the patient's electronic health record.

Remediation:

You reported that to prevent further breaches of this kind, the hospital took the following steps:

i. Firewalls: The hospital has blocked users from using AI scribe tools such as Otter.ai and deepseek.com while on-site via a firewall configuration.

ii. Updated Training: The hospital updated its privacy training materials to explicitly address AI tools and the hospital's AI use policy.[1] The new training content went live in late June 2025 to medical learners and will be going live in Fall 2025 for other hospital agents. The hospital advised that its updated training will also be shared with other hospitals.

This training includes the following language: "All IT resources used for [hospital] work-related purposes, including ones that involve use of AI, must be approved by [the hospital]. Entering PHI/PI/CCI into unapproved tools is a privacy breach and violates PHIPA and professional guidelines, as vendors may misuse [hospital] data for non-[hospital] purposes. A privacy breach may result in disciplinary action, reporting to regulatory college and the Information and Privacy Commissioner and may result in personal fines of up to $200,000 and organizational fines of up to $1,000,000."

iii. Updated Policies: The hospital's Appropriate Use of Information and Information Technology policy was revised in June 2025 to address use of AI tools. This policy includes the following provisions relevant to the circumstances of this breach:

o [Hospital] agents must always use only their assigned user ID and passphrase/password ("credentials") to access [hospital] information and IT resources, with the exception of authorized shared/group credentials.

o Use only [hospital]-approved IT resources to conduct [hospital] business.

o Use only [hospital]-approved IT resources (including artificial intelligence (AI) tools, automated software/bots, and other IT resources) when PHI/PI/CCI is being entered, handled, or discussed.

o Entering PHI/PI/CCI in unapproved tools is a privacy breach and a violation of PHIPA and professional college guidelines and policies, as vendors may use [hospital] PHI/PI/CCI to train vendor algorithms and for other non-[hospital] purposes.

o Make it a practice to review meeting participant lists for any inclusion of unapproved AI tools or automated agents, and remove them from meetings before proceeding or before discussing any PHI/PI/CCI.

o [Hospital] agents must never use unauthorized digital tools (including AI products such as ChatGPT) for [hospital] work purposes.

[1] The hospital advised that although the physician had completed privacy training in 2021 and 2022, this training did not address use of AI tools.

Further, you advised that the organization has an AI governance program in place that addresses the procurement, implementation, and use of AI tools at the hospital. This program is overseen by an AI Governance Committee, which includes the hospital's Privacy Office as a member.

Conclusion and Recommendations:

In addition to steps taken by the hospital to contain, investigate, remediate the breach, and notify the affected individuals, I recommend that the hospital take the following further measures below:

Containment:

i. Submit a formal request to Otter.ai to delete any personal health information (PHI) of hospital patients retained from the September 23, 2024 meeting. Though we acknowledge the hospital requested the physician to submit a request himself, presumably on the basis that he was the account holder, the hospital did not receive confirmation from the physician that he submitted the request or that the deletion occurred. Further, as the custodian of the personal health information at issue, the hospital should have submitted its own request to Otter.ai to delete the PHI at issue in effort to contain the breach.

ii. For the 12 recipients who have not confirmed deletion of the email and have since left the hospital, proceed with deleting the email from their hospital email accounts. If any of these recipients received the email via an external (non-hospital) email account, follow up with them to confirm that it has been deleted.

Remediation:

iii. Breach Protocol: Update your privacy breach protocol to require the Privacy Office to directly and immediately contact third-party organizations to request the deletion of any PHI collected without authorization in circumstances similar to this breach (rather than rely on the individual account holder to do so).

iv. Acceptable Use Policy: Update the hospital's Acceptable Use Policy to make it clearer that agents must only use hospital-approved devices to conduct hospital related work (such as to attend work meetings) and not use their personal devices for such purposes.

v. Offboarding audit: Conduct an audit of the hospital's employee and physician offboarding process to verify that proper procedures are in place to ensure all access to hospital information systems, including access to calendar invites, is immediately revoked upon departure.
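As an added illustration of the offboarding audit recommended above (example code added here, not part of the IPC letter or the hospital's own tooling), the following Python check scans a standing meeting invite's attendee list for the two gaps described in the breach: a personal (non-hospital) address on the invite, and a hospital account that was offboarded but never removed. The approved domain, addresses and departure date are constructed sample values.

```python
from dataclasses import dataclass
from datetime import date
# Assumed approved e-mail domain; the letter does not name the hospital's real domain.
APPROVED_DOMAINS = {"hospital.example"}

@dataclass(frozen=True)
class Finding:
    invite: str
    attendee: str
    reason: str

def domain_of(address: str) -> str:
    """Lower-cased domain of an e-mail address, or '' if it has no '@'."""
    _, sep, domain = address.strip().lower().rpartition("@")
    return domain if sep else ""

def audit_invite(subject, attendees, departed, approved=APPROVED_DOMAINS, today=None):
    """Flag attendees who should be removed from a standing meeting invite.

    departed maps hospital addresses to the date the account holder left.
    The two checks mirror the breach: a personal (non-hospital) address on the
    invite, and a hospital account that was offboarded but never removed.
    """
    today = today or date.today()
    findings = []
    for addr in attendees:
        key = addr.strip().lower()
        if domain_of(key) not in approved:
            findings.append(Finding(subject, key, "external address: remove from invite"))
        elif key in departed:
            days = (today - departed[key]).days
            findings.append(Finding(subject, key, f"departed {days} days ago: revoke access"))
    return findings

# Constructed sample: a recurring rounds invite with one current physician, one
# departed physician still listed by hospital address, and a personal address.
SAMPLE_INVITE = ("Hepatology rounds (weekly)", [
    "a.current@hospital.example",
    "b.former@hospital.example",
    "b.former@personalmail.example",
])
SAMPLE_DEPARTED = {"b.former@hospital.example": date(2023, 6, 30)}

def run_sample():
    """Audit the constructed invite as of the meeting date given in the letter."""
    return audit_invite(*SAMPLE_INVITE, SAMPLE_DEPARTED, today=date(2024, 9, 23))
if __name__ == "__main__":
    for f in run_sample():
        print(f"{f.invite}: {f.attendee} -> {f.reason}")
```

Feeding every recurring invite from the calendar export through audit_invite gives a list of attendees to remove before the next occurrence, which is the standing-invite gap the offboarding process missed here.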

vi. Mandatory meeting lobbies: Technically enforce the use of a "lobby" for all virtual meetings in which PHI is discussed by requiring the host to manually approve each participant. This will help decrease the possibility of an unauthorized AI tool automatically joining the meeting as a participant.

vii. AI governance and accountability framework: Ensure the hospital's framework for the procurement, implementation, and use of AI scribes complies with the guidance set out in the IPC's presentation on AI in Ontario's Health Sector.

As set out in this presentation, an AI governance and accountability framework should include the following components:

o AI governance committee

o Policies, practices and procedures

o Training and awareness

o Initial and ongoing assessment, monitoring, and testing

o AI risk management framework

o Human oversight

o Complaint and inquiry mechanisms

o Recourse, reporting, and notification mechanisms

o Confidentiality and end user agreements

o Contractual safeguards

viii. Consequences of a privacy breach: Update all applicable hospital policies, procedures, and training materials to reflect that privacy breaches may also result in administrative monetary penalties under PHIPA.

We also urge you to review and follow the guidance set out in the IPC's guidance documents Responding to a Health Privacy Breach: Guidelines for the Health Sector and Detecting and Deterring Unauthorized Access to Personal Health Information to ensure that your practices, policies, and procedures are sufficient to minimize the risk of a future breach. Additionally, we recommend you use this incident as an example in your upcoming privacy training with staff to remind them of their obligations under the Act and to prevent further breaches of this kind.

We ask that you provide our office with an update on the status of the abovementioned recommendations by January 27, 2026.

Please note that the IPC may re-open this matter if additional information comes to our attention suggesting a need for further inquiry.

Yours truly,

Denise Eades
Analyst
