Canadian Health employee sacked for looking into health records of patients, including family member

September 12, 2017 |

The Office of the Saskatchewan Information and Privacy Commissioner has prepared a report into the activities of an employee of Prince Albert Parkland Regional Health Authority who accessed the medical records of 14 people including several members of her own family.  While there was a data breach it is relevant to note that the breach was detected during an audit, using a privacy and monitoring program, by the Authority. The authority has had a dismal record in the past with an employee accessing her ex husband and daughter’s medical files in 2016 and another employee accessing records in 2015.

This episode highlights key issues which occur on a regular basis in Australia:

  • data breaches caused by insiders are a constant threat.  They are more prevalent in some industries than others.  Health is particularly susceptible to this sort of problem, with many and varied staff, many access points to information, the information itself being of interest and a generally poor culture in keeping information secure and available only to those who have a need to access it;
  • as important as securing against data breaches is it is equally vital to conduct audits to detect intrusions and determine the damage.  Many organisations do little in this regard.

The employee was fired and may be prosecuted.

One Response to “Canadian Health employee sacked for looking into health records of patients, including family member”

  1. Canadian Health employee sacked for looking into health records of patients, including family member | Australian Law Blogs

    […] Canadian Health employee sacked for looking into health records of patients, including family member […]

Leave a Reply





Verified by MonsterInsights