Ca: Patients notified after insider breach at Eastern Health
Tara Bradbury reports:
With her daughter undergoing chemotherapy treatments for cancer, it’s understandable that Holly Denine’s heart jumps up in her throat every time her phone rings and a 777 number appears.
Thursday morning, it happened — but it wasn’t bad news about the health of six-year-old Nevaeh. Eastern Health managers were calling to let Holly know Nevaeh’s medical information was involved in a privacy breach.
Eastern Health confirmed in a media release Thursday afternoon that a clerk based in St. John’s has been fired for inappropriately accessing the health information of 25 patients. The person accessed the files over a period of several months, and was discovered in late February during a random audit conducted within the person’s department.
Read more on The Telegram.
Audits work – but after the fact. While the Denine does not blame Eastern Health Authority at all and thinks they did everything right, could other technical controls or other monitoring software have enabled Eastern Health Authority to prevent this?