Modernizing Authentication — What It Takes to Transform Secure Access
Marcia Phillips, a former receptionist at the Bath Lodge Practice, a medical office in the UK, has been fined £750 by the Information Commissioner's Office (ICO) for illegally accessing her ex-husband's new wife's medical information (h/t PHIprivacy.net). Phillips has also been ordered to pay a £15 victim surcharge and £400 in prosecution costs.
According to the ICO, Phillips accessed the information 15 times in a 16-month period, but the breach wasn't discovered until Phillips sent a text message to the woman in question referring to information in her medical record.
"This case clearly shows the distress that can be caused when an individual uses a position of responsibility to illegally access sensitive personal information," Deputy Commissioner and Director of Data Protection David Smith said in a statement. "Ms Phillips knew she was breaking the law, but continued to do so in order to cause harm to her ex-husband’s new wife. The nature of her job meant that she will have been in no doubt as to the importance of patient confidentiality. Despite this she repeatedly accessed the victim’s file without a valid reason."