Tuesday, June 07, 2016

It Is Interesting That It Seems To Have Taken So Long To Resolve These Privacy Breaches.

These two reports appeared last week.
First we have:

SA Health workers sacked for breaching privacy

Department takes zero tolerance approach.

By Paris Cowan
Jun 1 2016 4:50PM
Three SA Health employees have lost their jobs for breaking privacy rules protecting patient records.
Department boss David Swan announced today that all three had their employment terminated for “inappropriately accessing” information in patient databases.
Swan had pledged in February to provide full transparency about any staff caught snooping in the state’s health information systems without a good reason, in the wake of revelations that 13 workers had been disciplined for accessing the records of Cy Walsh after he was charged with the murder of his AFL coach father Phil Walsh.
“I made it clear in February of this year that staff inappropriately and deliberately accessing confidential patient information would not be tolerated," Swan said in a statement today.
“Regrettably, since then we have terminated the employment of three staff for deliberate, inappropriate access of patient information."
Swan said in a press conference he would not provide any more details on who the patients were that have been caught up in the latest breaches.
He did, however, reveal the access took place in the latter half of 2015.
More here:
Second we have this:

More SA Health staff sacked for snooping

1 June, 2016 0 comments Read Later
Three more SA Health staff have been sacked over inappropriately accessing patient records.
The sackings were made over the past three months and come on top of two dismissals earlier this year for the same issue.
In February, SA Health revealed that clinicians, including doctors and nurses, were found to have inappropriately accessed medical records, with some snooping on the details of Cy Walsh after the stabbing death of his father last year, former Adelaide Crows coach Phil Walsh.
Thirteen staff were disciplined for accessing Walsh's records after he was taken to the Flinders Medical Centre in Adelaide for tests before he was charged with murder.
Six clinicians were also disciplined and two sacked for snooping on other patients.
At the time the government pledged to report on any further action taken against staff every three months.
More here:
Here is the press release:

Privacy Breach Update

1 June 2016
Over the past three months, three SA Health staff have had their employment terminated for inappropriately accessing patient records according to information published by SA Health today.
On 29 February 2016, SA Health Chief Executive David Swan warned that if it is proven staff have inappropriately accessed patient records it is highly likely their employment would be terminated.

Background

SA Health committed to report quarterly how many staff have been disciplined for inappropriately accessing patient medical records during the previous three months.

Quotes attributable to SA Health Chief Executive, David Swan

The trust between our patients and staff is the bedrock of our high quality health system and we take any breach of patient confidentiality or privacy extremely seriously.
As I have said many times, the vast majority of our staff do the right thing, acting professionally and with high ethical standards as they carry out their role.
I made it clear in February of this year that staff inappropriately and deliberately accessing confidential patient information would not be tolerated.
Regrettably, since then we have terminated the employment of three staff for deliberate, inappropriate access of patient information.
These actions and other important strategies we have put in place reinforce our commitment to the highest standards of patient privacy and confidentiality and ensure the South Australian community can continue to have the highest level of confidence in our health system.

Here is the link:
Three Comments:
First, what was the fate of the other 10 snoopers identified in February?
Second why don’t we have an proper enquiry to identify exactly what happened with this breach and to formulate a publicly disclosed plan (for the staff and public) as to how such issues will be prevented going further?
Third why disclose issues every three months rather than at the end of the week the breach was detected or staff dismissed. A delay like this is nonsense.
David.

No comments: