Island Health has fired a long-term health-care professional accused of snooping through the electronic health records of 39 patients, including friends, family and co-workers.
The health authority has notified and apologized to the people affected by the alleged breach of privacy. Accessed data ranged from basic contact and demographic information to test results.
The case follows a similar episode last October that resulted in the firing of two nurses.
Island Health’s latest investigation, which began in November, found that the employee used access privileges to look at electronic health records for unauthorized reasons “to satisfy their curiosity about patients with whom they had no care relationship,” Island Health spokeswoman Suzanne Germain said Wednesday.
The employee was fired in early April.
Island Health would not name the employee, give the individual’s job title or say whether the person was a union member, citing privacy legislation.
The Times Colonist has established that the employee was neither a nurse represented by the B.C. Nurses’ Union nor a member of the Hospital Employees’ Union.
Island Health said the employee worked in central Vancouver Island and the people whose files were viewed are from a number of communities on the Island.
The investigation began as the result of an allegation in November regarding inappropriate access to personal information. Concern was expressed and a suspicious pattern of activity was discovered, Germain said.
Island Health found that between January and November 2014, the employee breached the privacy of 39 individuals’ personal health records.
The employee’s access to personal or confidential information was revoked in March and the B.C. Office of the Information and Privacy Commissioner was notified on April 2, Germain said.
In the unrelated case that came to light last October, Island Health fired two nurses after an investigation found they delved into the electronic files of 112 patients, including those of family, friends and co-workers, between January 2012 and October 2014.
“It is disappointing to have had to investigate two separate incidents of snooping within a relatively short time period and Island Health sincerely apologizes, again, to all our clients, patients and residents,” the health authority said in a statement.
As of January 2015, Island Health has found 13 “snooping type” breaches over the past four fiscal quarters, Germain said.
Other than the two most recent cases, the rest of the breaches involved one or two patients, she said.
“It is unacceptable to Island Health when care providers in a position of trust use their access privileges to snoop in patients’ records,” she said.
Island Health’s confidentiality policy sets out specific examples of breaches. They include “unauthorized reading of a patient’s chart” and “accessing information on yourself, children, family, friends or co-workers” that is not directly job-related.
All employees sign confidentiality undertakings as a condition of employment with Island Health, Germain said.
Employees use their credentials and a password to sign into a patient’s electronic health record system. Before the employee can see the record, he or she must indicate their relationship to the patient — registered nurse or physician, for example.
If a breach of confidentiality is found, those responsible can be subject to penalties including firing, withdrawal of privileges or legal action.
