Canadian Healthcare Technology Logo
  • Issues
    • Current Print Issue
    • Print Archive
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Events
  • Vendors
  • About Us

GE Revolution Ascend

GE Revolution Ascend

Enovacom EPC

Enovacom EPC

Privacy & Security

NS probe uncovers more than 1,200 privacy breaches

February 15, 2023


Alicia RalphHALIFAX – As part of an ongoing investigation, more than 1,200 privacy breaches were discovered at Nova Scotia Health. The effort began in August 2020, when the organization discovered eight employees snooping into the electronic health records of people associated with the mass casualty events of April 18 and 19, 2020.

Further investigation revealed that the workers had looked into many patients’ records over many years. “They looked up friends, colleagues, and acquaintances when they were not providing care to these people,” a release from the privacy commission said.

In total, the probe uncovered more than 1,200 privacy breaches affecting 270 people, according to a news release from the Nova Scotia privacy commissioner’s office.

The eight employees included a booking clerk, a booking and registration clerk, a ward clerk, a nurse navigator, a nurse practitioner, an admitting clerk, a secretary at an outpatient clinic and a secretary at a regional hospital.

The penalties against the employees ranged from verbal warnings and one-day suspensions to termination.

In some cases Nova Scotia Health did not properly follow up on the breaches or ignored its own policies, Privacy Commissioner Alicia Ralph (pictured) said in her report on the situation.

The nurse practitioner’s access to electronic systems was never suspended and there was no additional auditing of the NP’s activities, a contravention of policy.

The admitting clerk had access to health records throughout the NSH investigation. The worker was eventually fired but continued to have access to NSH systems three days after the termination.

The secretary at the outpatient clinic, who was responsible for 612 privacy breaches affecting 146 people, was fired on June 19, 2020, but their access to NHS systems wasn’t cut off until July 6, 2020.

The booking clerk, who was responsible for 524 breaches affecting 101 people, was fired on Aug. 4, 2020.

The commissioner did not release locations of the places where the breaches occurred.

Nova Scotians have no choice but to trust NSH with sensitive personal health information if they are to receive healthcare, the release said.

Ralph determined that while NSH does have privacy-relevant policies and protocols, they are at times outdated, unclear and in many cases not followed.

“Robust policies, compliance monitoring, and strong training along with enforcement of penalties for non-compliance are essential to protecting the privacy rights of Nova Scotians,” Ralph said in the release.

In 2016, NSH implemented a provincial privacy office with a privacy manager leading a team of four officers, one for each health zone.

But Ralph found weaknesses in NSH’s response to the breaches. She said policies, training and penalties are not always enough to deter some employees from snooping. NSH should take steps to revamp its electronic information systems so only those who have an active clinical relationship are allowed to view that patient’s medical information.

“If you can’t access the information, you can’t snoop into it.”

Ralph made 12 recommendations to NSH that aim to correct weaknesses in its information practices with the goal of preventing future privacy breaches.

The release said NSH is considering the report “and has preliminarily indicated that it intends to accept most of the recommendations. NSH will have 30 days to formally decide whether it will follow Commissioner Ralph’s recommendations.”

In general, she wants NSH to strengthen its privacy management program.

“Privacy should be a core organizational value baked into day-to-day operations.”

In an emailed statement, NSH offered an apology to the patients whose information had been compromised.

“This breach added further unnecessary harm to the families of those who lost loved ones in April 2020. We deeply regret that this breach took place. It is essential that Nova Scotians trust us to protect their personal health information. It is shared with us at a time when you’re at your most vulnerable and should never be subject to the curiosity of others.”

The snoopers’ actions do not reflect its corporate culture or the behaviour of most of its staff and physicians, the statement said.

PreviousNext

CHT print [900×150]

CHT print [900x150]

News and Trends

  • NS improves care by deploying Command Centres
  • Panel identifies threats from faxes, snooping, cyber-attacks
  • Bringing portable X-ray imaging to Canada’s remote communities
  • In Ontario, real steps are being taken to reach EHR interoperability
  • Care-givers need improved technology to reduce stress in the LTC sector
More from the Print Edition

Subscribe

Subscribe

Free of charge to Canadian hospital managers and executives in nursing homes and home-care organizations. Learn More

Follow us on Social Media!

Follow us on Social Media!

Softworks

Softworks

Nihi Spring 2023

Nihi Spring 2023

Advertise with us

Advertise with us

Sectra [Feb]

Sectra [Feb]

Change Healthcare [2]

Change Healthcare [2]

Infoway [March2023]

Infoway [March2023]

Zebra [Mar2023]

Zebra [Mar2023]

RealTime

RealTime

CHT print [900×150]

CHT print [900x150]

Advertise with us

Advertise with us

Sectra [Feb]

Sectra [Feb]

Change Healthcare [2]

Change Healthcare [2]

Infoway [March2023]

Infoway [March2023]

Zebra [Mar2023]

Zebra [Mar2023]

RealTime

RealTime

Contact Us

Canadian Healthcare Technology
1118 Centre Street, Suite 207
Thornhill, Ontario, Canada L4J 7R9
Tel: 905-709-2330
Fax: 905-709-2258
info2@canhealth.com

  • Quick Links
    • Current Print Issue
    • Print Archive
    • Events
    • Vendors
    • About Us
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Resources
    • White Papers
    • Writers’ Guidelines
    • Privacy Policy
  • Topics
    • Administrative Solutions
    • Clinical Solutions
    • Companies
    • Continuing Care
    • Diagnostics
    • Education & Training
  •  
    • Electronic Records
    • Government & Policy
    • Infrastructure
    • Innovation
    • People
    • Privacy and Security

© 2023 Canadian Healthcare Technology

The content of Canadian Healthcare Technology is subject to copyright. Reproduction in whole or in part without prior written permission is strictly prohibited. Send all requests for permission to Jerry Zeidenberg, Publisher.

Search Site

Error: Enter a search term

  • Issues
    • Current Print Issue
    • Print Archive
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Events
  • Vendors
  • About Us