Grey Bruce Health Services posted the following notice on its site yesterday:
Notice of Inappropriate Access to Electronic Medical Records
August 30, 2016
Grey Bruce Health Services has recently completed an investigation into a privacy breach. This investigation was initiated after four individuals came forward with concerns about access to personal information within their electronic medical records.
Results of the investigation indicate that a former employee inappropriately accessed the electronic medical records of 246 individuals over a seven year period from January 2008 to September 2015.
Privacy breaches are not tolerated at GBHS, and the individual involved in this situation no longer works for the Corporation. All individuals involved in this privacy breach have been notified in writing, and a summary of the investigation has been given to the province’s Information and Privacy Commissioner.
This privacy breach does not impact any test results or diagnosis. This breach involves one individual who accessed electronic medical records for no apparent work-related reason. The breach appears to be related to personal curiosity.
GBHS works with all staff to ensure they know the importance of protecting health information and the consequences for breaches in confidentiality. Privacy training is conducted regularly, and all staff sign confidentiality agreements.
We sincerely regret that this has occurred, and we continue to take every opportunity to strengthen staff training and work processes to ensure patient privacy is protected.
h/t, Blackburn News