Marci cho, Mr. Speaker. Mr. Speaker, in my Member's statement I talked about the breaches that we have been hearing about now and then with the Health and Social Services system. I would like to ask the Minister what has been done to put safeguards in place to prevent future breaches. Thank you.
Masi. Minister of Health and Social Services.
Thank you, Mr. Speaker. Mr. Speaker, the honourable Member from Tu Nedhe-Wiilideh and I came into this Assembly at the same time in October 27, 2007. In 2008, 2009, 2010, 2011, and 2012, we received reports from the Privacy Commissioner who said this government badly needs a Health Information Act. In 2013, when the Member was the honourable Health Minister, he moved and did first and second reading of the Health Information Act, which was passed in 2014 when I was a Minister. This act is a huge step in the right direction. Prior to this act, the only time health and information breaches became public is when things happened to be faxed to media and they did not escalate to the degree that they did.
Since the Health Information Act has come in, we have an obligation and responsibility to train staff to provide indication to our residents when there are breaches, to notify those affected. We have been able to learn from each of the breaches that has occurred. We are continuing to make improvements.
In 2015, when the act went live, we came up with a health information guidance manual. Based on what we have heard and what we are learned from these breaches, we are doing a major upgrade to that progress manual, the compliance manual. We are continuing to train staff, and we will continue to do so.
I understand one of the committees recently had a meeting with the Privacy Commissioner on her report. I'm looking forward to any more recommendations that come out of that, so that we can continue to work together to strengthen our response to privacy breaches and make sure that our public is informed and breaches are not occurring. Thank you, Mr. Speaker.
Mr. Speaker, the Health and Social Services system is huge, as we all know. There are hundreds of employees, maybe 1,500, 1,600 employees. I would like to ask the Minister if there are designated employees only who handle confidential health records.
There are specific individuals who have been targeted and highlighted as -- I'm blanking on the title of the position. I really apologize. I can't remember the name. They are designated as specific individuals responsible for information.
At the same time, we are also training all of our staff on the rights and responsibilities on privacy. Everybody in the department has been trained. In the territorial authority, we have about 70 percent trained. In Hay River, I think we are at about 40 percent. In Tlicho, we are not quite there. I think we only have about 30 percent trained, but we are working to train everybody regardless of the fact that we have some individuals dedicated with some additional responsibilities to ensure that privacy is maintained and understood when a breach has occurred.
By no means would I ever assume that any employee would breach confidentiality deliberately. I would like to ask the Minister: is there a follow-up with employees when there are breaches to health information?
When there is a privacy breach, every breach to date has been actually significantly different than the one before, except for maybe the faxes that were sent prior to the legislation existing, and which is actually one of the main reasons that we moved forward with legislation. I'm sure the Member remembers.
When an incident occurs, it is investigated. If there is employee responsibility, progressive discipline would have been applied appropriately. Additional training might be provided. Every situation is different, Mr. Speaker. We can't paint every one of them with the same brush, but where appropriate, progressive discipline may apply.
Masi. Oral questions. Member for Tu Nedhe-Wiilideh.
Thank you, Mr. Speaker. Mr. Speaker, I would like to ask the Minister a question on the breaches. When it is a hard copy of a thing, like the box of files, it is easy to say we have recovered them all. Is the Minister confident that information that could be digital or transmitted in various ways have all been recovered? Thank you.
I'm not 100 percent sure what the Member is asking. If the Member is asking whether or not we have been able to maintain all the files on the Simpson case, we believe we have all the files. When it comes to the USB that was lost, the USB was found. When it comes to the laptop that was stolen, it is our understanding that it wasn't encrypted, which was the problem, but also, based on the fact that the computer never connected to the network, we're not sure, we don't believe that information actually was ever public. It doesn't change our obligation or responsibility to notify our residents when there has been a breach. The laptop was never found. The memory stick was found. I'm not sure if I'm answering the question. I'm not sure I fully understood what the Member was asking. Thank you, Mr. Speaker.
Masi. Oral questions. Member for Frame Lake.
