Arthur White-Crummey reports:
The Prince Albert Parkland Health Region has fired an employee for allegedly “snooping” into the medical records of her own family members.
According to a report of the Information and Privacy Commissioner, the employee improperly accessed the patient information of 14 people, including several family members. The health region detected the breach on June 14 through an audit.
The employee, who is not named in the report, had already been disciplined for similar behaviour. In May, she allegedly snooped on two patients using the Pharmaceutical Information Program and was suspended for five days.
Read more on Prince Albert Daily Herald . A search of DataBreaches.net reveals that this is not the first time we’ve seen a report of employee snooping into patient records for this region. I wonder what measures the region has taken that the IPC has found satisfactory.
Related:
Prince Albert Parkland Regional Health Authority August 31, 2017
HIPA 2(m), 2(q), 2(t)(ii), 2(u), 23(1), 26(1), 26(2); LA FOIP 2(f)(xiii), 28(2)(s); LA FOIP Reg 10(g)
Through an audit and an investigation, Prince Albert Parkland Regional Health Authority (Parkland) detected that an employee snooped into the patient records of 14 individuals, including several family members and her own patient record. The Information and Privacy Commissioner (IPC) agreed with Parkland’s finding that the root cause of the privacy breach was the employee intentionally breaching privacy. He also found that Parkland has taken appropriate steps to prevent similar privacy breaches in the future. The IPC made a couple of recommendations, including Parkland forward its investigation file to the Ministry of Justice, Public Prosecutions Division to determine whether an offence has occurred and whether charges should be laid under The Health Information Protection Act (HIPA).