Yes, OceanMD has completed or participated in the following privacy/security audits for Ocean:
- OceanMD Privacy Impact Assessment (PIA), audited by MNP (revised July 2023; see attached)
- Threat Risk Assessment (TRA) by Cycura Data Protection Corporation (October 2021).
- Privacy/Security Assessment by Shoppers Drug Mart (April 2018)
- Privacy/Security Assessment by TELUS (Sept 2016)
- Threat Risk Assessment (TRA) by MNP (May 2016; summary available by request).
- Assessment by Sunnybrook Health Sciences Centre (April 2014)
- Assessment by St. Michael's Hospital (July 2013)
Note that this is not an exhaustive list; other healthcare organizations have done assessments in which we have either not been be directly involved or have been asked not to disclose.
* As per industry best practice, we do not publish or send full TRA documents electronically. Stakeholders who have a legitimate need to review the full TRA document may do so on site in our Toronto office after signing a non-disclosure agreement.