Tuesday, June 5, 2012

Yet Another Patient Privacy Breach Due to Employee 'Snooping' Medical Records in the UK

A staff member may have 'inappropriately' accessed medical records at a medical group in the UK. The data breach only became public because after the organization sent letters to patients apologising for the breach.

One patient angerly complained that the practice would not explain why the perpetrator accessed the records or specify what had been done with the patient data. She were only told that person who did it had been dealt with, but not fired.
"I will be looking into moving to another practice." - Patient of the medical group
The practice has not disclosed how long the employee had been 'snooping' on patient records, how the snooping was discovered, or how many people had been affected.

A statement issued said: “Our patients can be reassured that there has been a thorough investigation and appropriate response and can continue to have the utmost confidence in the service they receive from the practice.”
"I know staff have some access to records, but why was someone looking at mine repeatedly and ‘inappropriately'?" - Patient of the medical group
Asked to explain what it meant by ‘inappropriate’, the medica group's spokesperson said the level and pattern of access to records was deemed inapproptriate. In healthcare 'inappropriate' is typically used to describe an employee accessing data of patients who are not under their care or who are outside their responsibilities.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) Breach of privacy at Cupar GP practice - Fife Today, June 3, 2012

No comments:

Popular Posts

Copyright © 2010-2011 by Veriphyr Incorporated, All Rights Reserved.

Contact us at Veriphyr.com.