The Waterloo Regional Health Network (WRHN) is warning that patient information may have been compromised in a recent security breach.
A letter signed by WRHN’s Manager of Privacy & Chief Privacy Officer, Gillian Hearns, was sent out to patients, noting the risk of personal health information being impacted is low, but cannot be ruled out.
On Feb. 6, WRHN was contacted about a security incident that impacted its connection to the Health Report Manager (HRM) service, which is an OntarioMD service used to send patient care information from the hospital to a patient’s family doctor.
WRHN’s internal systems were not impacted.
Though WRHN said the incident was “contained” in mid-January, it said it can’t rule out the possibility that personal health information (PHI) was impacted.
This included the information of around 150,000 patients who received care at WRHN between April 2025 and January 2026.
The letter sent to the impacted patients stressed that WRHN officials do not believe any of that information has been misused.
“Based on our investigation to date and our ongoing monitoring efforts, we believe the likelihood of misuse to be low. As always, you should be on guard for suspicious communications related to your health and your health care,” reads the letter.
“No other precautions are necessary at this time, but if you notice anything suspicious that you believe may be related to this incident, please contact us.”
You can contact them at investigation@wrhn.ca or 519 744 4248.
“Protecting the privacy and security of our patients’ health information is a top priority at WRHN. We sincerely apologize for this incident and any distress it may cause.”
In that letter, WRHN officials added the incident has been reported to the Information and Privacy Commissioner of Ontario and they expect an investigation will be conducted.
