ResearchNet funding decision release incident – update
As previously communicated on July 15, due to a ResearchNet system breakdown on Thursday, July 14, there is the possibility that, during a period of 17 minutes, a maximum of 49 applicants could have seen the reviews of their individual applications including the names of the reviewers.
We want to assure you that CIHR is moving swiftly and diligently to address the incident. We are commissioning an external independent assessment to review the vulnerability, integrity and security of ResearchNet. We are reviewing all related policies, procedures, and technical and mitigation measures to avoid any similar re-occurrence.
Some affected reviewers have asked to be given the name of the applicant(s) that may have seen the reviewer's name. This information is protected under the Privacy Act and we are therefore unable to provide the names. Having said that, CIHR can confirm that, for each affected reviewer, a maximum of 1-2 applicants may have been able to see the reviewer's name. This does not mean that the applicant accessed the review, simply that the applicant may have done so during the 17-minute window.
Further, to address the concerns of many of the reviewers who have contacted CIHR, applicants who may have had inadvertent access to reviewers' names will not be asked to review these reviewers' applications in future competitions.
CIHR recognizes the seriousness of this incident. Collecting and safeguarding information in a secure and authorized manner is very important to us. We have informed the Office of the Privacy Commissioner of Canada.
Please note that we have completed notifications to all reviewers affected by this incident.
- Date modified: