Privacy central to patient trust
Alfred Health chief executive Prof Andrew Way has issued a written apology to more than 7000 patients after their medical records were viewed by a healthcare worker while not directly involved in their care.
Prof Way said accessing patient information without a direct clinical reason is a breach of privacy and completely unacceptable.
“We deeply value the relationship we have with our patients, and the trust they put in us, and we unreservedly apologise for the healthcare worker’s misconduct,” Prof Way said.
“We have written to every patient whose medical record was accessed without authority, and we have invited them to call our dedicated hotline if they would like additional information or support.”
While cybersecurity experts reviewing the privacy-matter found no evidence of download or use of patient information, the former worker’s behaviour was a fundamental breach of professional standards.
“What began as healthcare worker’s legitimate professional access to the electronic medical records system morphed to include access for personal curiosity,” he said.
“As soon as this behaviour was confirmed, we terminated their employment and referred the matter to both the Australian Health Practitioner Regulation Agency (Ahpra) and the Australian Digital Health Agency.”
There is no evidence the, now, former employee kept a copy of any data, shared data online or otherwise misused patient data.
The health service is looking at whether there is technology available to improve the detection of unusual behaviour in the electronic medical record system, while still ensuring seamless access for time critical patient care.
