Thursday, April 27, 2017

That Old Paper Transfer Of Private Information Lets Us Down Again! Private Information Leaks Are Usually Caused By Human Error – Not Technology!

This appeared last week:

Patient privacy breach: over 1600 medical letters found dumped in Sydney bin

Kate Aubusson
Published: April 21, 2017 - 4:52PM
More than 700 public patients have had their privacy breached and potential delays in their follow up care after more than 1600 medical letters were found dumped in a Sydney bin.
NSW Health is investigating the incident involving a sub-contractor for a company tasked with transcribing medical letters sent from specialists to general practitioners.
On Tuesday, April 11, a man found piles of follow-up letters containing patient details stuffed into a garbage bin at an apartment block in Ashfield. It is understood there were more than 1600 documents in total. Some of the letters were duplicates. 
The man called in his neighbour, a female health worker, who recognised the documents were out-patient letters and contacted Ashfield police. 
A sub-contractor for Global Transcription Services (GTS) was supposed to take the letters home to post but instead stuffed them into the bin. The young woman had been dealing with personal upheaval and health issues, Health Minister Brad Hazzard said on Thursday, adding it was inappropriate to comment further.
The letters related to 768 public hospital patients from Royal North Shore, Gosford Hospital outpatients and Cancer Centre and Dubbo Hospital Cancer Centre.
There were also 700 letters relating to patients from six private providers: Chris O'Brien Lifehouse, providing services to Dubbo Cancer Clinic, Northern Cancer Institute (Frenchs Forest and St Leonards), Sharp Neurology, Southside Cancer Care Centre, Strathfield Retina Clinic and the Woolcock Institute.
It is not known how many private patients were affected. It is understood that less than one per cent of affected patients were treated by Lifehouse. 
The bulk of the letters were treatment progress reports from specialist consultations in December.
More here:
Other than wondering quite why so much detail about the breach was provided the cause of the problem is pretty clear. A worker simply failed to carry out their responsibilities appropriately for personal reasons.
Such issues can happen with both paper and electronic records albeit often in different ways.
Nonetheless, despite some comment and articles to the contrary, we are all entitled to have our private information kept private unless we choose to disclose it. No ifs or buts as far as I am concerned and I really struggle with the decency and sensitivity of those who think any different.
If you have a use case that validates the unauthorized disclosure of personal identified private information I would love to see it – unless it involves emergency care or the like. I am not expecting many takers!
David.

No comments: