Tamara L. Hunter of Davis LLP writes:
In November 2014, the Saskatchewan Information and Privacy Commissioner (“SIPC”) issued an Investigation Report (No. 088/2013) in a case involving employee “snooping” in personal health records held by the Regina Qu’Appelle Regional Health Authority (the “RQRHA”). The case raises interesting questions about how far a public body should go to prevent future snooping incidents.
The case involved a doctor who had viewed the health records of a nurse employed by the RQRHA in 2012; the health records were stored electronically by the RQRHA. The nurse had been in a motor vehicle accident and was admitted into the Regina General Hospital as an inpatient. Alarmed by the number of people who knew about her accident, the nurse made an access to information request to RQRHA for a record listing the people who had viewed her personal health information – and found out about the doctor’s snooping.
Read more on Lexology.