Barbara Cotter reports:
A Colorado Springs city health employee recently accused of inappropriately accessing about 2,500 Memorial Health System patient records claimed that “it’s pretty damn common” for medical professionals to peek at files for unwarranted reasons.
“Common” might be overstating things, but statistics suggest it happens more often than patients might realize.
Since 2008, Memorial Health System has had 22 employees who either resigned or were fired in connection with patient privacy issues, including a woman who lost her job earlier this year for breaching 135 patient records to create a database of her friends’ birthdays. Penrose-St. Francis Health Services declined to provide information on breaches at its facilities or discuss the issue.
[…]
Memorial has about 5,000 authorized users of Physician Link, said hospital spokesman Brian Newsome, and compliance director Wyckoff said the hospital system meets all federal requirements for patient privacy. But because of the incident involving Niell, which came to light on May 20 and is said to be Memorial’s worst-ever breach, hospital officials put together a task force to improve security. Some measures identified by the group have been implemented, Wycoff said, and the hospital is looking into software to better alert security officials when there’s unusual activity in the data system.
The hospital also is required to notify patients whose records were breached, and they’re advised to obtain credit reports, review credit card information and contact police if they want to pursue a complaint. But courts have determined they don’t have the right to sue, said assistant city attorney Dale Agathe.
Read more on The Gazette.