Privacy breaches are often caused by simple things that should be easy to avoid. Take, for instance, the Elections Ontario lost USB keys. The Ontario Privacy Commissioner’s recent news release points to “systemic failures“, and failure to build privacy into their routine information management practices. The details point to a series of simple failures, including failure to follow a policy that required encryption, a lack of understanding of front line staff of how to encrypt or what that meant, and a continuation of the same practices after the loss. The Commissioner recomended that Elections Ontario retain a third party privacy auditor to look at their policies and procedures, develop a staff training program, and cre