The article is from August of 2018 and found in the Healthcare IT News, among others. The ethics breach was by a Canadian pharmacist in Nova Scotia. The pharmacist caught accessing the health records of approximately 46 patients that the pharmacist knew (Minion, 2018). The ethics breach was spread over two years until the Canadian Privacy Commission discovered what was happening though standard audits. The article said this pharmacist had looked at the records of former classmates, her doctor, and a person whom she had a car accident with, her kid’s therapist, her coworkers, family members, and her kid’s girlfriend (Minion, 2018). The pharmacist also shared some of this private information with her spouse and was overheard telling him their son could no longer date his girlfriend because of the information found in the medical records of the girlfriend AND parents of the girlfriend (Minion, 2018).
The article said the pharmacist was suspended from practice for six months and fined $5000 and pay $4000 in costs to complete a course in business ethics (Minion, 2018). The pharmacy is one of the country’s major grocery retail chains, the Sobey company. The Privacy Commission says those that are using the medical records (grocery store pharmacy) “must anticipate and plan for the intentional abuse of access by authorized users” ( (Minion, 2018).
Sobey’s privacy policy states they protect personal health information and have security measures in place from unauthorized use (Sobeys, 2019). I could not find any further info of filed lawsuits against Sobeys as well as the pharmacist. The Privacy Commissioner quoted saying after the investigation that Sobeys did not correctly monitor access to the data and were “inadequate.” The commissioner made eight recommendations for Sobey’s to improve security monitoring of the health database through all of its locations in Nova Scotia (Quon, 2018). Sobeys also had to contact all people in the 46 records breached (Quon, 2018); however, I wasn’t able to find if they had potentially sued the chain for damages.
References
Minion, L. (August 13, 2018). Canadian pharmacist breaches privacy of people known to her by routinely accessing their health records. Retrieved from: https://www.healthcareit.com.au/article/canadian-pharmacist-breaches-privacy-people-known-her-routinely-accessing-their-health
Office of the Privacy Commissioner of Canada. (2019). Office of the Privacy Commissioner of Canada. Retrieved from: https://www.priv.gc.ca/en/
Quon, A. (September 4, 2018). N.S. Department of Health responds to report on Sobeys pharmacist who ‘snooped’ through health information. Retrieved from: https://globalnews.ca/news/4425843/n-s-department-health-privacy/
Sobeys. (2019). Privacy policy. Retrieved from: https://www.sobeys.com/en/privacy-policy/