Back to Top Is it worth it? The consequences of snooping on health records - The Ottawa Hospital Website scanner for suspicious and malicious URLs


Is it worth it? The consequences of snooping on health records

June 5, 2015 – In celebration of its annual Privacy Awareness Week, The Ottawa Hospital held events and answered questions at information booths across its three campuses from June 1 to 5.

The main event was a panel discussion hosted by The Ottawa Hospital in conjunction with the Office of the Information and Privacy Commissioner of Ontario (IPC). Key stakeholders examined the importance of privacy within the health-care environment, the impact of changing technology, and how the legal landscape has recently shifted, heralding a new era of risks and penalties when it comes to privacy breaches.

Across Ontario, there have been a number of privacy breaches where personal health information was accessed by health professionals for unauthorized purposes. Whether out of curiosity, personal gain or simple concern about the health of friends and family, snooping through medical records can have devastating consequences for patients, health professionals and the health system as a whole.

“Privacy breaches come in all forms. Even when they are filled with good intent, they are still breaches and are potentially subject to fines of up to $50,000, prosecution, termination or revocation of privileges and reports to professional colleges,” said Nyranne Martin, General Counsel at The Ottawa Hospital. “The risks for institutions include fines of up to $250,000, class action lawsuits and reputational damage.”

Because of the risks associated with privacy breaches, the hospital’s Information and Privacy Office has set the goal for its program of achieving high visibility, high impact and high compliance. “At The Ottawa Hospital, we must all protect our patients’ rights. We also want to help our staff and physicians protect their careers’’, said Martin.

To create a culture of privacy protection and in an effort to reinforce its policies, the hospital has implemented mandatory training for all staff and physicians on privacy and information security. The hospital has also stepped up its communications with staff and physicians to increase awareness of the issue, including messages in the hospital’s weekly newsletter and visits by members of the privacy team to various units for training sessions.

“For those who would consider violating the privacy of patients, I want them to think twice and ask themselves if it is worth it,” said Brian Beamish, Information and Privacy Commissioner of Ontario. “I believe that by working together, we can find a way to minimize the risk of privacy breaches from happening.”

Media contacts:

Hazel Harding
Communications Advisor
The Ottawa Hospital
T: 613.737.8460

Rob McMahon
Director of Communications
Information and Privacy Commissioner of Ontario
M: 416.627.0307