News Articles

Happy Data Protection Day!


Hello everyone, today is International Data Privacy Day, a day meant to help people realize the importance of data protection in their lives and teach them how to protect their privacy. Data Privacy Day began in Europe in 1981 as Data Protection Day and commemorated the signing of Convention 108, the first legally binding international treaty to deal with privacy and data protection. In 2008 Canada and the United States adopted this day as Data Privacy Day and it is now led by the National Cyber Security Alliance.


Today businesses, governments, universities and many other organizations come together to mark the occasion by giving presentations and hosting seminars aimed at getting people more interested in their privacy and try to convince them to take actions to improve their privacy online. The Privacy Day Kick-Off event was held earlier today in Washington D.C. and featured the chief privacy officers from Microsoft, Facebook, and Intel among others. Dalhousie University will be celebrating the day with a seminar on February 19th that will include the privacy commissioner of Canada as well as representatives from Microsoft and Dell. Similar events are taking place in all parts of the world as more and more people become concerned about their privacy online.


Data protection is a very serious issue for many people which is why CryptoMill prides itself in providing innovative means of security such as SEAhawk and Circles of Trust. While encryption may not be right for everybody there are several small things that individuals can do to help improve their online security:


• One of the most often repeated, but still important, steps to protecting yourself is to use a unique password; passwords such as “12345” and “password” are not secure.


• Use different passwords for your different online accounts, this will help to stop a data breach from spreading.


• Check the privacy settings of you social media accounts, many people will simply choose the default settings but more secure options are usually available.


• Be careful what you post online. Never post anything you are not comfortable with everyone knowing.


• Make sure your antivirus software is up to date, new viruses are being made all the time and older versions of your software may not protect you.


Even when taking precautions, such as above, data breaches do happen. In the past year Target, Microsoft, Facebook, Twitter, the New York Times and many other big-name corporations have all fallen victim to hackers trying to access users personal information. We hope that you take this day to learn more about online privacy and what more you can do to protect yourself and your data.

Privacy and Security as the Default Standard for the Health Sector


Commissioner Cavoukian urges the health care professionals to secure all portable storage devices – encrypt by default and avoid the harm

TORONTO, December 14, 2012 – As portable storage devices become increasingly prevalent in the health care sector, concerns also arise regarding the privacy and security of personal health information (PHI). Medical professionals in high-availability data environments, from family doctors to large hospitals, need to ensure data security and protect information through encryption as the default, as the potential for privacy breaches that can be costly and cause lasting damage to their reputation. Taking these steps provides a positive-sum, Privacy by Design approach which benefits both patients and caregivers.


That is why Ontario’s Information and Privacy Commissioner, Dr. Ann Cavoukian, is taking a proactive approach and launching a new joint paper on December 14, 2012 at Sunnybrook Health Sciences Centre co-authored with Sam Marafioti, V.P. and CIO, and Jeff Curtis, CPO, of Sunnybrook Health Sciences Centre, and Nandini Jolly, President and CEO of CryptoMill Technologies Ltd. The paper introduces the “Circle of Trust” concept, modeled by CryptoMill Technologies after PHIPA’s “Circle of Care,” which refers to the mobile encryption deployment scenarios and role-based access that enables the free flow of PHI among authorized health-care providers as needed, while at the same time, ensuring PHI remains encrypted and inaccessible to everyone else.


The paper entitled, Encryption by Default and Circles of Trust: Strategies to Secure Personal Information in High-Availability Environments, seeks to stimulate discussion of the challenges and opportunities for assuring PHI security beyond the current state of adoption within health care. In the past, doctors, hospitals and other medical professionals had to deal with stacks of paper-based medical records which are now increasingly moving onto portable storage devices. Commissioner Cavoukian emphasizes the message that, “now is the time to address potential security breaches and additional concerns about privacy. Whether you are a large hospital, a small clinic, a research facility, public service institution, or a private-sector contractor, the message remains the same – encrypt by default and avoid the harm of a privacy breach.”


The paper also examines the challenges of encrypting numerous portable devices in a large and complex health care institution such as Sunnybrook – one of Canada’s largest hospitals, with a world-class reputation for research, innovation and patient care. While Sunnybrook’s current policy is to “encrypt by default,” it is not always easy to ensure in such a large and dynamic operating environment. However, Sunnybrook has shown its leadership in privacy and security practices by understanding the message that health care can benefit from improvements in security technologies and access to information without significant user or institutional burden.


“Electronic health information improves the quality of health care by enabling informed decision-making wherever the information is needed, but mobile devices have to be kept safe,” says Sam Marafioti, Vice President Development and Corporate Strategy and Chief Information Officer, Sunnybrook Health Sciences Centre. “At Sunnybrook, encryption technology is mandatory for all portable storage devices to ensure that personal health information is kept safe and secure wherever these devices go, allowing our health care teams to do what they do best: care for patients.”


Nandini Jolly, President and CEO of CryptoMill Technologies, explains that, “At CryptoMill we take a proactive approach to protecting data and preserving privacy – the very basis of Privacy by Design principles. The necessity to make privacy the default while ensuring a win-win outcome is exactly what we want to achieve by establishing a Trust Boundary solution -- Protect Data, Prevent Accidental breaches and allow for Easy Group Sharing.”

Proudly Canadian