Stu Neatby reports:
Health P.E.I. is reviewing its health record procedures after P.E.I. Privacy Commissioner Karen Rose released two reports last month detailing instances of privacy breaches by employees.
Rose carried out investigations after two separate complaints were lodged concerning unauthorized disclosure of private health information. Both reports concluded the health information was compromised, but Health P.E.I. took appropriate action.
One was a complaint against an employee who was alleged to have inappropriately accessed the health information of patients. Two of the three patients in question were related to the employee.
The investigation found the employee had accessed the patient charts, but “only did so to find out their room numbers to visit them.”
The other complaint concerned a posting made on a closed Facebook page set up by employees to discuss work-related matters. Another employee made a single posting, which was seen by 60 individuals, about the care of a resident of a long-term care facility. The individual was identified by initials.
Read more on Journal Pioneer.
Normally, these types of incidents are reported on my companion site, DataBreaches.net. If these types of breaches are of interest to you, you might want to explore that site using the “Health Data” or “Insider” categories.
One day, I’d love to have a Boolean “and” feature that would allow searches for “Non-U.S. + Health Data + Insider,” but in the meantime, just be aware that the types of breaches mentioned in this news report – employee snooping (often involving relatives of the employee) and/or improper disclosure in social media are all-too-common and ongoing privacy concerns. While software and technological solutions may help prevent some problems, training employees, retraining them, and promptly and consistently enforcing stern discipline – including suspensions of professional licenses – is needed to develop a culture of more privacy protection in the healthcare sector.