Top News

Health P.E.I. responded adequately in two cases of confidentiality breaches: Rose

P.E.I.'s Privacy Commissioner has concluded that the health information of patients was compromised in two instances, but Health P.E.I. took appropriate action in both cases.
P.E.I.'s Privacy Commissioner has concluded that the health information of patients was compromised in two instances, but Health P.E.I. took appropriate action in both cases. - 123RF Stock Photo

CHARLOTTETOWN, P.E.I. - Health P.E.I. is reviewing its health record procedures after P.E.I. Privacy Commissioner Karen Rose released two reports last month detailing instances of privacy breaches by employees.

Rose carried out investigations after two separate complaints were lodged concerning unauthorized disclosure of private health information. Both reports concluded the health information was compromised, but Health P.E.I. took appropriate action.

Privacy Commissioner Karen Rose.
Privacy Commissioner Karen Rose.

One was a complaint against an employee who was alleged to have inappropriately accessed the health information of patients. Two of the three patients in question were related to the employee. 

The investigation found the employee had accessed the patient charts, but “only did so to find out their room numbers to visit them.”

Related: Action taken following major breach of personal health records at QEH

The other complaint concerned a posting made on a closed Facebook page set up by employees to discuss work-related matters. Another employee made a single posting, which was seen by 60 individuals, about the care of a resident of a long-term care facility. The individual was identified by initials.

Rose found the post had inappropriately disclosed information about a patient. In addition, Health P.E.I. policy prohibits disclosing private information on social media.

“Although it was a closed group, there is no way to ensure that personal health information is properly protected on Facebook or other social media websites,” Rose wrote in her report.

Poll: Do you think your health records are secure?

In both cases, Rose found Health P.E.I. staff had taken steps to investigate the privacy breaches and had taken action to address the access and disclosure of the information.

In an e-mailed statement, a spokesperson for Health P.E.I. said the department takes the privacy and confidentiality of patients seriously.

“Our duty to safeguard personal health information is not just a policy requirement of our organization, it is the law. When we become aware of a potential breach, we respond swiftly, investigate thoroughly, and take appropriate action to safeguard personal information,” the statement read.

“Over the past few months, staff have been reacquainted with these policies and reminded of their duty to maintain the integrity of our patient’s rights to confidentiality.”

According to the statement, all staff at Health P.E.I. are trained in policies concerning health information and are required to sign a confidentiality agreement.

A larger investigation by the privacy commissioner is underway, concerning a former employee who accessed the private information of 353 patients in breach of privacy rules. The findings of the investigation are due to be released in September.

Twitter.com/stu_neatby

Recent Stories