Hundreds of patient records at Winnipeg’s Health Sciences Centre were accessed inappropriately by a staff member over several months, Shared Health reported on Friday. The breach, which occurred between August 2023 and March of this year, affected approximately 360 patients. An internal investigation into incidents of unauthorized access led to the discovery of the breach.
Patients whose records were compromised were advised to contact Shared Health’s privacy office for further discussion and to obtain a record of staff access to their health records. This incident isn’t the first of its kind, as a similar breach involving 1,000 patient records occurred at HSC in 2016, followed by another involving around 200 patient health files. Shared Health’s chief privacy officer, Christina Von Schindler, expressed regret over the breach and emphasized the organization’s protocols to detect and prevent unauthorized access.
The clinical staff member responsible for the breach is no longer employed at HSC, and Shared Health maintains stringent measures for staff training and compliance with privacy regulations. Employees undergo training on accessing personal health information and must adhere to the Personal Health Information Act and in-house policies. Furthermore, routine audits of staff activity in electronic health record systems help ensure ongoing compliance and accountability.
Reference:
