More SA Health staff sacked and disciplined for spying on patient records
MORE SA Health workers have been sacked for snooping on patient records, as controversy rages about the security of medical data following the My Health Record outcry and a privacy breach at the Women’s and Children’s Hospital.
- The My Health Record debate: What you need to know
- Elisa Black: Why I’m opting out of My Health Record
- Women’s and Children’s patient records left online
- Case that sparked a crackdown: Cy Walsh’s records accessed
AS public debate rages over the security of health data, the gatekeepers of patients’ health information continue to be sacked and disciplined for snooping.
SA Health has now sacked at least 13 staff and disciplined 26 — one on their final warning — for trawling patient health records without authorisation.
The revelation comes as concern grows about the security of the Federal Government’s planned My Health Record scheme, and the extraordinary blunder where more than 7000 patient records from the Women’s and Children’s Hospital were left online for 13 years — and only discovered by a parent googling his child’s name.
While federal and state officials stress confidential patient records are secure, inquiries by The Advertiser show 13 SA Health staff have been sacked since February 2016 for snooping through files and another 26 disciplined. The most recent sacking was recorded on June 1.
SA Health brought in the termination policy in the wake of the Cy Walsh scandal when it was revealed 13 clinicians hacked into his medical records without authority after his admission to Flinders Medical Centre following the stabbing death of his father, then-Crows coach Phil Walsh, in 2015.
Those 13 — from across the health system — were disciplined. It then emerged that at least nine patients had their records browsed without authority by at least 24 staff.
In the wake of the scandal, then-health minister Jack Snelling pledged anyone caught snooping would be sacked.
No details of the positions held by the people sacked — or of the incidents — have been released.
It is understood the employees who were disciplined rather than sacked had inadvertently accessed medical records without authorisation.
The latest sacking comes even though the penalty for deliberately snooping on patient records is well known in the health system.
When he announced the policy, then-SA Health chief executive David Swan said: “The trust between our patients and staff is the bedrock of our high-quality health system and we take any breach of patient confidentiality or privacy extremely seriously.
“I made it clear that staff inappropriately and deliberately accessing confidential patient information would not be tolerated.”
Despite his pledge at the time that the policy reinforces “our commitment to the highest standards of patient privacy and confidentiality and ensure the community can continue to have the highest level of confidence in our health system”, staff continue to risk their jobs by browsing private data.
Australians are being invited to choose whether to have their health and medical records added to the new My Health Record system, and have until October 15 to decide before records are automatically added to the database.
Concerns over security and privacy have sparked a rush to opt out of the scheme, which will allow medical records stored on a password-protected database to be viewed by patients, doctors, and other medical staff at any time.