Canadian Healthcare Technology Logo
  • Issues
    • Current Print Issue
    • Print Archive
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Events
  • Vendors
  • About Us

GE [April2023]

GE [April2023]

Enovacom EPC

Enovacom EPC

Privacy & Security

Pharmacist snooped on dozens of patients

August 8, 2018


SobeysHALIFAX – Nova Scotia’s privacy commissioner says she’s shocked by how a grocery-store pharmacist was able to snoop into the electronic personal health information of dozens of people she knew.

Privacy commissioner Catherine Tully warns the breach is indicative of a wider national problem – and demonstrates the “real and present danger” of intrusion into patients’ private lives. “This is a pharmacist, a professional with ethical obligations,” Tully told the Canadian Press.

“It’s shocking that somebody in a position of trust would breach that trust so badly and would fail to recognize the importance of preserving the right to privacy and the integrity of the individuals whose information she breached.”

Tully released two reports in July warning the monitoring of electronic personal health information and databases is a “critical vulnerability” in Nova Scotia.

Tully investigated a series of privacy breaches by a pharmacist employed as the manager at a community pharmacy operated by the Sobeys National Pharmacy Group. She said the pharmacist inappropriately accessed the personal information, including prescription history and medical conditions, of 46 people over two years.

The reports found the pharmacist used Nova Scotia’s Drug Information System (DIS) to get information on her child’s girlfriend and her parents, her child’s teachers and former teachers, co-workers, a former high school classmate who had recently suffered a significant illness, and an individual she had been involved in a car accident with, among others.

She also created fake customer profiles enabling her to see patient information through the provincial drug database.

Some pharmacy employees told Tully’s office they had knowledge of the privacy violations, but they were afraid to come forward because the pharmacist was also the manager.

“An employee witnessed the pharmacist access the DIS in March 2017 and then call her spouse on the phone to discuss what she had discovered. The employee heard the pharmacist say that their child cannot see this person because of the medications she and her parent were on,” Tully’s report said.

“An employee reported that she was consulted by the pharmacist to assist in fabricating reasons for her access of the DIS in response to audit activity by the College of Pharmacists.”

The woman was eventually fired by Sobeys.

Tully said this type of “snooping” is not exclusive to Nova Scotia.

“The report points out all kinds of reports from across the country of this kind of behaviour happening,” she said. “I’m really trying to create some urgency around the need to significantly improve oversight of these types of databases.”

Tully determined the Department of Health and Sobeys National Pharmacy Group failed to adequately monitor access to the data, and that investigations conducted by both weren’t adequate.

She said the Health Department initially told her the breaches had been contained and that there was no evidence of malicious intent.

But her investigation found the pharmacist had also disclosed information to her spouse, and continued to use the health information even after her employment was terminated.

Tully makes 18 recommendations aimed at improving auditing programs and strengthening breach protocols.

One repeats a call she made two years ago calling on the Health Department to take a leadership role in the monitoring of misuse of the database and in carrying out investigations. She said an “entity” has to be created to oversee the system and its “big data.”

She also has made a recommendation directly to Health Minister Randy Delorey that the Personal Health Information Act be amended to lengthen the potential prosecution time to two years.

The report says the Act’s current time limit defaults to six months from the date of the offence.

Sobeys did not reply to a request for comment, but in an emailed statement the Health Department said protecting Nova Scotians’ personal health information is of the “utmost importance,” and reported breaches are taken “very seriously.”

“That’s why we’ve been taking steps to improve the system by increasing privacy training for staff and enhancing the collection of information and stats,” the department said.

The statement said the department would review Tully’s report and recommendations and would provide a response within 30 days, as required under the Personal Health Information Act.

Tully said there’s a need for immediate action.

“It will only get worse,” she said. “We need to get on this … it’s really time to take this seriously and do a much better job.”

PreviousNext

CHT print [900×150]

CHT print [900x150]

News and Trends

  • Ottawa’s health information demands will benefit patients
  • AI-powered tool on St. Michael’s surgical unit helps to improve care
  • Bots to help doctors reduce time spent on electronic records
  • Bissell Centre uses analytics to better understand client data
  • Canadian team is making ultrasound easier to use
More from the Print Edition

Subscribe

Subscribe

Free of charge to Canadian hospital managers and executives in nursing homes and home-care organizations. Learn More

Follow us on Social Media!

Follow us on Social Media!

Softworks

Softworks

Cdn Institute HCIwest

Cdn Institute HCIwest

Nihi Spring 2023

Nihi Spring 2023

Advertise with us

Advertise with us

Sectra [Feb]

Sectra [Feb]

Change Healthcare [2]

Change Healthcare [2]

Infoway [April2023]

Infoway [April2023]

Zebra [Mar2023]

Zebra [Mar2023]

RealTime

RealTime

CHT print [900×150]

CHT print [900x150]

Advertise with us

Advertise with us

Sectra [Feb]

Sectra [Feb]

Change Healthcare [2]

Change Healthcare [2]

Infoway [April2023]

Infoway [April2023]

Zebra [Mar2023]

Zebra [Mar2023]

RealTime

RealTime

Contact Us

Canadian Healthcare Technology
1118 Centre Street, Suite 207
Thornhill, Ontario, Canada L4J 7R9
Tel: 905-709-2330
Fax: 905-709-2258
info2@canhealth.com

  • Quick Links
    • Current Print Issue
    • Print Archive
    • Events
    • Vendors
    • About Us
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Resources
    • White Papers
    • Writers’ Guidelines
    • Privacy Policy
  • Topics
    • Administrative Solutions
    • Clinical Solutions
    • Companies
    • Continuing Care
    • Diagnostics
    • Education & Training
  •  
    • Electronic Records
    • Government & Policy
    • Infrastructure
    • Innovation
    • People
    • Privacy and Security

© 2023 Canadian Healthcare Technology

The content of Canadian Healthcare Technology is subject to copyright. Reproduction in whole or in part without prior written permission is strictly prohibited. Send all requests for permission to Jerry Zeidenberg, Publisher.

Search Site

Error: Enter a search term

  • Issues
    • Current Print Issue
    • Print Archive
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Events
  • Vendors
  • About Us