Establishing Digital Trust: Don't Sacrifice Security for Convenience
Canada's Eastern Health recently announced that one of its employees had inappropriately accessed 20 patient records.
All affected patients are being notified, and the employee in question has resigned.
"Eastern Health has a zero tolerance for any deliberate breach of patient privacy and/or of the organization's privacy and confidentiality policy," Eastern Health vice president responsible for privacy Beverley Clarke said in a statement [PDF]. "We recognize that it is discouraging when these breaches occur, but we want to assure the people we serve that we hold our responsibility as a custodian of personal health information with the highest regard."
CBC News notes that Eastern Health has dealt with several similar incidents in recent years -- five employees were fired in July 2012 for inappropriately accessing patient records, two clerks inappropriately accessed 46 patients' records in September 2012, and patient data was stolen in two separate incidents in April 2013.
Clarke told CBC News that in spite of regular training, some of Eastern Health's employees clearly don't understand how important data privacy is. "So we continue our education, our training," she said. "Everybody has to sign an oath. We're doing ... random audits. I guess we have to keep moving it forward, just really keep getting the message out there."