August 29, 2019 — A former billing clerk with Alberta Health Services (AHS) pleaded guilty in Red Deer Provincial Court to illegally accessing health information under the Health Information Act (HIA) on August 21, 2019.
Rosario Aldave was found to have accessed the health records of 52 Albertans without authorization. She received a $5,000 fine and was ordered not to access health information for one year. The unauthorized accesses occurred in Red Deer.
AHS discovered the breaches of health information after it began an internal audit of an electronic health records system. AHS started the audit after being alerted to allegations that Ms. Aldave had accessed health information without authorization. AHS reported the breaches to the Office of the Information and Privacy Commissioner (OIPC) in June 2018.
The OIPC opened an offence investigation and referred its findings to the Specialized Prosecutions Branch of Alberta Justice. Charges were laid in July 2019.
It is an offence under HIA to knowingly gain or attempt to gain access to health information in contravention of the Act (section 107(2)(b)).
This was the second conviction against an individual for knowingly accessing health information in contravention of HIA in 2019. It marked the eleventh conviction under HIA overall.
Source: Office of the Information and Privacy Commissioner of Alberta