‘Unprecedented’ breach of electronic records in PEI

CHARLOTTETOWN, P.E.I. – An investigation has determined that a hospital employee viewed the personal electronic files of 353 patients over the last three years – an unprecedented breach in Prince Edward Island.

Health P.E.I.’s acting chief executive officer Denise Lewis Fleming (pictured) said the organization has never dealt with a privacy issue of this magnitude. Lewis Fleming credits a nurse manager for detecting the breach in October.

Lewis Fleming said the former employee, who has been terminated, was a caregiver who worked with patients in various units of the Queen Elizabeth Hospital in Charlottetown.

She said the former employee chose not to reveal why he or she accessed the records. Lewis Fleming cannot speculate on the motive.

She added no link has been identified among the hundreds of patients that had their personal files breached.

As well, there was no clinical requirement for the former employee to access the personal health records.

“This individual broke the rules, violating the privacy and confidentiality of Islanders who entrust our healthcare system and our staff to safeguard their personal health information,” said Lewis Fleming. “This is unacceptable.”

She added Health P.E.I. does not have any reason to believe that patients’ personal health information has been further disclosed or misused, but the incident is still under investigation.

Lewis Fleming said Health P.E.I. will inform all 353 patients by mail that their personal health information was inappropriately accessed. “Ensuring the safety, privacy, and confidentiality of our patients is of utmost importance to us,” she said.

She added Health P.E.I. is working with all staff to ensure that they understand their duty to maintain the integrity of patients’ right to privacy and confidentiality that includes appropriate access of personal health information.

The incident has been reported to the Charlottetown Police and to P.E.I. Privacy Commissioner Karen Rose.