Employee privacy not taken seriously, says lawyer Bob Buckingham

A St. John's lawyer is offering to represent thousands of Eastern Health employees whose privacy was breached as a result of a missing USB flash drive.

• Eastern Health 'tore' offices apart looking for missing flash drive

Bob Buckingham says information contained on the missing flash drive thousands of employee identification numbers, names and social insurance numbers meansemployees arean easy target foridentify theft, ifthe USBfall into the wrong hands.

"The implications can be catastrophic for individuals and extremely damaging overall for various aspects of the economy," Buckinghamsaid in an interview on CBC's On The Go.

Buckingham said the private information, if leaked, could result in false identitiesbeing created across the country, as well as internationally.

"People using it to apply for false passports, access to government agencies for funding there are all sorts of horror stories out there where people have used private information to essentially damage people and then an individual has to spend time, effort, energy and money to correct that situation."

Buckingham is part of a legal team currentlyrepresentingmore than 600,000 clients who have had their personal information lost by Canada Student Loans. That case has been ongoing since 2013.

• Human Resources Canada faces 4 lawsuits over lost data

He's also involved in three breaches of privacy cases, involving employees of Western Health, Central Health and Eastern Health who are believed to have improperly accessed patient's information.

• Privacy breach lawsuit launched against Western Health
• Central Health facing privacy breach of patients' records
• Eastern Health privacy breach triggers lawsuit

In total, 9,000 employees have been affected by the privacy breach.Buckingham said personal information such as one's date of birth, social insurance number and place of work arejust what a fraudsterneeds to fabricate documents.

"That's the start of being able to establish a new identity for someone," he said.

'A collective irresponsibility'

Buckingham said he was disappointed to hear the information stored on Eastern Health's USBdrive wasn't encrypted.

"It's an indication within the corporate world and government agencies that they're not giving enough responsibility, enough thought, to the issue of privacy," he said.

"People are being too lackadaisical with respect to protecting privacy and then that grows into a collective irresponsibility of not seeing it as important, and [not] hammering home the need to have checks and balances in place."

Buckingham advises concernedEastern Health employees, past and present, to have a credit check and he thinksthe health authority should pay for it.

However, he warns that credit checksdon'tcatch fraudsters who use stolen information to apply for jobs, rent properties, apply for a passport or a mobile phone.

Buckinghamsaid some of the employees involved have already contacted him, looking for guidance.

"At this stage it's not outrage at this stage it's concern and upset," he said.

"They want to know what they can do to protect themselves and they want to know where things are going from here because they don't have a lot of information. A lot of people are calling me, wondering what they can do."