Has OceanMD completed any privacy audits, security audits or Privacy Impact Assessments for Ocean?

Yes, OceanMD has completed or participated in the following privacy/security audits for Ocean:

  1. OceanMD Privacy Impact Assessment (PIA), audited by MNP (revised July 2023; see attached)
  2. Threat Risk Assessment (TRA) by Cycura Data Protection Corporation (October 2021).
  3. Privacy/Security Assessment by Shoppers Drug Mart (April 2018)
  4. Privacy/Security Assessment by TELUS (Sept 2016)
  5. Threat Risk Assessment (TRA) by MNP (May 2016; summary available by request).
  6. Assessment by Sunnybrook Health Sciences Centre (April 2014)
  7. Assessment by St. Michael's Hospital (July 2013)

Note that this is not an exhaustive list; other healthcare organizations have done assessments in which we have either not been be directly involved or have been asked not to disclose.

* As per industry best practice, we do not publish or send full TRA documents electronically. Stakeholders who have a legitimate need to review the full TRA document may do so on site in our Toronto office after signing a non-disclosure agreement.


Have more questions? Submit a request