Privacy breach in New South Wales resulting in 1,000 medical records involving 400 patients of Aged Care Facility

August 5, 2018 |

A problem which predates the My Health Records Act is the poor state of data security in the Health Sector.  It is a chronic problem.  The extent of the problem is highlighted in the discovery of 1,000 medical records relating to 400 patients of an Aged Care centre found in a building in South Sydney and 7,000 patient records exposed on line at South Australia’s Women and Children’s hospital.

The Hong Kong Department of Health was recently hit with a ransomware attack.   And in Nova Scotia the Privacy Commissioner has investigated a privacy breach by a pharmacist employed by a large pharmacy chain who viewed the private medical records of 46 people who were not that person’s patients, including a child who was a friend of her child, that child’s parents, friends and teachers as well as the pharmacist’s family members.  She used a fake customer profile to mask her activities and falsely claimed the individuals had consented. The Pharmacy Chain, Sobeys, was roundly criticised for being tardy and its inadequate investigations.

These instances highlight why proper privacy protections, and consequences for not installing and maintaining those protections, needs to accompany any digital health records system.

Leave a Reply

Verified by MonsterInsights