Weather

Current Conditions
-5.3 C
Clear
Today's Forecast
0 C
Mainly sunny
Sponsored by Highland Ford

News And Views

Classifieds

Announcements

Entertainment

Shop Local

More Local

Search The Web

Google Search

Local News

Lawyer to look at earlier Sault Area Hospital breach

Thursday, May 15, 2014   by: Darren Taylor

An Ottawa lawyer who is speaking to Sault Area Hospital patients about a lawsuit over a health records privacy breach says he is also looking into a leak of job applications at the hospital last year.

Ottawa lawyer Michael Crystal said he wants to hear from anyone who applied for employment at Sault Area Hospital (SAH) and had his or her personal information made available through Google search results.

SAH said in October that resumes and cover letters submitted through a new database on the hospital's website from August 16 to October 2, 2013 were accidentally made available to Google after database security settings were left disabled.

“I’m very interested to know if (the people affected) got any representation,” Crystal told SooToday.com Wednesday.

“I think it shows there’s an aspect to Sault Area Hospital that is kind of frightening in the way they approach information technology,” Crystal said. 

It is estimated by SAH approximately 500 applicants were affected.

Crystal said one of many people he met with Tuesday and Wednesday regarding a possible class action lawsuit against SAH concerning unauthorized access of patient records informed him of the job application/Google matter and has asked him to investigate further.

The Google situation was explained, and apologized for, in a letter sent from SAH to affected job applicants.

Upon discovery of the problem, SAH said it and its vendor, SK Group, took immediate action and security settings on the SAH website were activated.

Google was notified and the search engine removed the affected job applications.

SK Group told SooToday.com in October that the problem was addressed "immediately" and continually monitored afterward.

Crystal was in Sault Ste. Marie Tuesday and Wednesday addressing a separate matter, meeting with a group of patients whose medical records the hospital said were accessed by an SAH employee not authorized to do so.

SAH announced in mid-April an employee had inappropriately accessed patient files using the MediTech system 144 times dating back to 2008.

Letters were sent out from SAH to patients advising them of the breach, informing them that the SAH staff member involved was fired, and that there was no reason to believe personal information, such as Ontario health card numbers, had been shared.

The fired employee’s name has not been released to the general public or the media, but was made available by SAH, upon request, to any affected patients who wished to know the employee’s name.

As for Crystal’s possible launch of a class action lawsuit for those upset over the unauthorized search of medical records, Mario Paluzzi, SAH director of communications and public affairs, said “certainly anyone who feels they would like to pursue litigation, that’s their prerogative. Mr. Crystal has been doing something very similar in a case with the Peterborough Regional Health Centre, and obviously this seems to be an area of specialization for him, so this is something that should be expected.”

“He’s assessing the situation and that’s something that he’s well within his rights to do.”

“We feel very comfortable we took the appropriate action. We were in contact with the Information and Privacy Commissioner’s office, we contacted all of the affected patients and took the appropriate action against the employee who was at the centre of it,” Paluzzi said.

“Anybody who was put in this situation has a right to be upset and as far as we can determine it was done by someone being a bit too curious, and most of the patients seemed to be OK with that, but whether it meets the threshold of litigation, that’s up to the courts.”

“If and when it gets to the courts we’ll deal with that,” Paluzzi said.

As for the job application/Google situation, Paluzzi said “that was an honest mistake made by the vendor. It was unfortunate, but it’s a very different thing accessing your resume if someone is Googling you versus your private health information being directly accessed by someone.”  

Regardless, Crystal said he wants to meet with any job seeker whose personal information may have been accidentally made available to Google in the SAH breach in 2013.  

“I intend to meet with other people and anticipate being back in the Sault for another meeting in the next six to eight weeks,” Crystal said.

Crystal said he can be contacted at 1-855-594-5490.

Comments
3
Note: Comments that appear on the site are not the opinion of SooToday.com. If you see an abusive post, please click the link beside the post to report it.
iamtc 5/15/2014 12:59:01 PM Report

TIP Could it be that a nurse is looking up patients medical records for maedications that are given, home meds that are brought in that are kept in the med room not counted for and can be easily stolen and end up sold on the street.
bluewater10 5/15/2014 4:05:38 PM Report

Well happy nurses week iamtc!
lucyp 5/15/2014 5:08:05 PM Report

Nope she just had no rhyme nor reason why she chose the people she did
Advertising | Membership | Terms of Service | Privacy Policy | About SooToday.com | Contact Us | Feedback

Copyright ©2014 SooToday.com - All rights reserved