The commissioner's office made a number of recommendations, including to "Disclose the details of the disciplinary action taken against the employee to the affected individual(s) and to all regional health authority employees and practitioners." The hospital however feels that would be disclosing personal information. The commissioner agrees but stated "however, given the seriousness of employee snooping and how it undermines patient trust, I would argue that there is a public interest disclosure of such personal information".
"given the seriousness of employee snooping and how it undermines patient trust, I would argue that there is a public interest disclosure of such personal information."The privacy breach came to light in early 2015 through a regular audit. While the commissioner recommended "monitor employees who have snooped for a period of years instead of months" all employees and contractors should be monitored frequently to proactively detect insiders who steal IDs or breach data privacy. This can effectively and efficiently be accomplished by utilizing low-cost on-demand SaaS analytics services.
- Saskatchewan information and privacy commissioner
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) Sask. privacy commissioner, SHRA at odds over privacy breach - www.GlobalNews.ca, 08/04/2015