When you visit any healthcare facility, you provide your personal information to help healthcare professionals diagnose or treat you. Healthcare professionals who are privy to the details you provide should only access that information in order to assist you in remedying any health and well-being issues related to that specific diagnosis.
Unfortunately, a few cases of privacy breaches in Ontario hospitals have come to light.
At the end of November, a former hospital clerk at Rouge Valley Centenary Hospital was charged by the Ontario Securities Commission with the “misuse of confidential information.” She has been charged with unregistered trading for her role in creating, selling and receiving money from unauthorized access and use of confidential maternity patient information. The clerk appeared in court on Dec. 12.
The charge stems from a major investigation into the sale of personal information of more than 8,300 mothers who gave birth between 2009 to 2013, which was retailed to companies selling Registered Education Savings Plans.
Two employees were paid money from these companies, which violates the hospital’s policy. The situation came to light after one of them voluntarily admitted their involvement in October 2013 and the hospital notified affected patients, according to the Toronto Star. An internal investigation was launched and a few months after, photocopied patient records were found in the hospital. The institution discovered the other leak and informed affected patients. Both employees no longer work at the hospital and the situation was reported to the Office of the Information and Privacy Commissioner. It’s believed that the employees weren’t working together.
After the incident was publicized in the media, this prompted other hospitals to review policies for accessing patients’ records.
It was discovered that six Toronto hospitals, Mount Sinai, North York General, St. Joseph’s Health Centre, Humber River, Toronto East General and Rouge Valley Health System, compromised the data of new mothers by inappropriately providing excess information to a baby photography company, according to the Toronto Star.
Hospitals were only supposed to provide a name and room number, but instead the hospitals provided the mother’s age, how long she stayed at the hospital, the attending physician, type of diet, reason for hospital admission, type of delivery and the baby’s delivery date, according to the Toronto Star. This issue goes back as far as 2009 and affected as many as tens of thousands of mothers. Some hospitals no longer work with the baby photography company, while others have revised their policies to limit the information provided.
While at Lakeridge Health in Oshawa, it was discovered that 14 staffers inappropriately accessed 578 files dating back to 2004, according to the Toronto Star. The hospital notified affected patients and none of the information left the institution. Some of the information accessed was for mental health patients, which included files of some of the staffer’s family members or relatives of patients within the hospital’s programs. Employees were disciplined, though details weren’t provided, and staff are now being prompted sign a code of conduct every year.
You have the right to expect that your health records will be kept private and only accessed by healthcare workers when figuring out a diagnosis or treatment. The personal injury and accident lawyers at Neinstein have been handling all types of injuries for 45 years including injuries from medical malpractice. We understand the impacts injuries can have on your life and we know how to help you. Call us at 416-920-4242. Set up a free consultation and come talk with us.