Privacy breaches feared for kids in care
New database could raise risk of unauthorized access, expert says
Child welfare workers who pry into electronic records of youth in care are difficult to track, critics warn, with an alert system for possible privacy breaches used only on select files.
Even though there are strict rules on accessing records, inappropriate searches can happen without anyone knowing about them, said Irwin Elman, the provincial advocate for children and youth, in an email.
As children’s aid societies move toward a new centralized database, access to most records from across the province — not just from within an agency — will soon become searchable to workers.
While the Child Protection Information Network (CPIN) database streamlines information collecting and sharing, it may also bring the “possibility for seemingly unfettered access” to sensitive files of youth in care, said Yuan Stevens, a former Ontario Crown ward and a researcher at the Berkman Klein Center for Internet and Society at Harvard University.
Youth should be told in a “no-nonsense way” how their files are protected by legislation and who has seen their file over time, she said.
Stevens grew up in foster care in Orangeville and in the fall will return to her studies at McGill University’s law school, where she is specializing in technology law and privacy issues. She said privacy risks that existed in previous systems can be increased in a centralized database.
The challenge of tracking privacy breaches isn’t unique to the new system, as previous independent children’s aid society databases faced the same problem, according to Elman.
CPIN gives workers access to care history information in a youth’s file within their department. The youth’s health, criminal and legal records are blanked out and require special permissions to access.
Only restricted files, which are few in number, trigger email notifications to a children’s aid society supervisor when an unauthorized person views a record. Youth who have “aged out” of the system are also searchable because there is no retention period for child welfare files.
Last year, 22 privacy violations were reported to the province, including electronic breaches and lost or stolen files
“Even social media platforms have the good sense to ask you to sign a disclosure agreement. But with me, I don’t recall ever giving consent that my data would be available for any kind of search after I age out,” said Jane Kovarikova, a PhD candidate in political science at Western University and a former foster child.
“The thing is, even though there are rules, it’s on an honour system. I wouldn’t know that someone searched my record today,” she said.
Aleem Punja, sector leader for CPIN at the Ontario Association of Children’s Aid Societies (OACAS), said the sector is grappling with how to monitor privacy breaches with the new technology, which is about two to three years away from being fully deployed.
As of March, 15 of Ontario’s 48 societies were using CPIN, including the Children’s Aid Society of Toronto, the province’s largest.
“One of the pillars to CPIN is to have seamless access to information for the purposes of making decisions for child safety,” Punja said.
Each children’s aid society has its own policies as to which case files are restricted and the reasons for it. Some restrictions are court-ordered, but others are applied by the society for reasons including safety and protecting confidentiality.
“That could be someone who is a political, prominent figure that would have a restricted file, or a file on a worker of a particular agency,” Punja said.
Children in the system who have relatives working for a children’s aid society may also warrant a restriction as an added confidentiality safeguard.
However, Punja said whether or not files should be restricted at all is being reconsidered, and given the volumes of referrals made to societies every year, the email notification system on breaches may not be effective.
“The solution is making sure that the folks on the front line have the right code of ethics, that they have the right training, that there are controls from a human resources perspective in agencies to ensure that accessing this confidential information is well understood,” Punja said.
Last year, 22 privacy breaches were reported to the Ministry of Children and Youth Services. This number includes electronic breaches and lost or stolen files.
The ministry hosts youth records on CPIN, but the data is still “owned” by individual societies.
The ministry does not have a quality assurance, monitoring, or compliance role with the data, Punja said, meaning it’s up to the societies to police and report their own privacy breaches.
If there is a suspicion of unauthorized record searches, the aid society’s privacy officer can investigate by requesting an audit log report for that file from the ministry.
In an email to the Star, the Office of the Information and Privacy Com- missioner said “privacy protective measures should be applied consistently to the benefit of all individuals.”
The commissioner’s office said it believes privacy warning flags are effective in “preventing and detecting unauthorized access” and cited their experience in the health-care sector by referencing a Star story about hospital staff inappropriately accessing former Toronto mayor Rob Ford’s health records.