WINNIPEG -- The Manitoba government says 'human error' resulted in personal information about Children's Disability Services (CDS) clients being unintentionally shared this week.
On Friday, the province said in a news release that the privacy breach occurred on Aug. 26, when staff from CDS "accidentally sent an email intended for the Manitoba Advocate for Children and Youth (MACY) to about 100 agencies and advocacy groups."
The email contained a spreadsheet with information about approximately 9,000 children who are CDS clients, along with information about a matter being reviewed by MACY. The message contained personal information about the children, including their diagnoses and addresses, but did not include personal health identification numbers, social insurance numbers, or any financial information. The province said the spreadsheet was password-protected, but the password for the spreadsheet was also provided.
"The mistake was human error, however the department is following up with staff to review and improve processes to avoid this happening again," the province wrote.
On Thursday, the province said it called the service agencies and advocacy groups that erroneously received the email to confirm it was deleted. Manitoba Families said it is calling the affected families to advise them of the breach and apologize for the error and will follow up with clients by email or mail.
MACY has been informed of the issue and the breach has also been referred to the Manitoba Ombudsman.
In a statement, MACY said it is working with the province to determine the nature and scope of the breach.
"Going forward, the Advocate will be meeting with government and relevant organizations and then will set the procedures on the ways in which information must be supplied," the statement reads. "The Advocate also spoke with senior department personnel to express serious concern that the department would be carbon copying any additional recipients on an official information request during an investigation and systemic review."