Health agency says privacy breach could happen again
B.C.'s health minister and Vancouver Coastal Health say a privacy breach involving the surgical records of 450 people could happen again because of the prevalence of health workers who use portable electronics.
The private files, contained on a laptop computer and USB drive, were lost by a resident at the Toronto airport in late September. He did not report the loss to officials for 10 days.
The resident doctor at Vancouver General Hospital who compromised the information was not treating patients, but conducting quality control research on past surgical cases. He is not an employee of Vancouver Coastal Health but was given access to the patient records by a department supervisor.
The health authority is apologizing to the affected patients and said the medical resident has been given a verbal warning.
"Sometimes people are careless, there's human error and that's what we have to keep working on," said spokesperson Gavin Wilson. "We know it's not acceptable."
Health Minister Mike de Jong isn't happy it took the medical resident so long to report the loss of the laptop, but defends medical workers who take patient files home on their personal computers.
"I think most people appreciate the fact that there are professionals who actually take their work home with them because they care that much about the health of their patients," he said.
Coastal Health officials agree that technology is playing a bigger role in the field of medicine, and that it poses some unique challenges for physicians.
"They need to do their job, they need to be using these devices," Wilson said. "The issue is keeping the information of a patient's confidential and safe and we believe that still can be done."
NDP health critic Mike Farnworth said the incident is the latest in a string of unacceptable privacy breaches involving Coastal Health.
"If they can't deal with it then frankly I think the government needs to step in and make sure it is dealt with because it's unacceptable," he told CTV News.
This isn't the first time a lost laptop has caused a major security breach for Coastal Health.
In 2006, a computer was stolen from the office of the Employee and Family Assistance Program (EFAP), run by the Vancouver Coastal Health Authority.
The computer contained personal information and referral information for thousands of health workers who sought help for "intensely personal problems," including drug and alcohol problems, sexuality issues and emotional trauma.
Affected workers in this case weren't notified for up to 10 days.
Wilson, meanwhile, said the authority is working hard to make sure this won't happen again.
"We have to redouble our efforts in terms of educating staff and physicians and researchers and others who have access to confidential patient information," he said.
Wilson said as a direct result of the breach the health agency has recognized the need of reeducating medical residents in the handling of sensitive patient files on portable mobile devices. Officials are also talking to their colleagues at UBC about emphasizing the importance of this to its medical residents.
One of the other things the agency is looking at is making sure medical records on laptops and memory sticks are encrypted before being allowed out of health care facilities.
Carolina Becerra, who has cancelled her credit cards because of the recent privacy breach, just wants some answers.
'What are they going to do in the future to make sure that this doesn't happen? Because it just seems really unprofessional to have information like that floating around."
With a report from CTV British Columbia's Lynda Steele