St. Joe’s creates new executive position for security of patient files amid backlash
St. Joseph's Healthcare Hamilton has created a new executive position dedicated to protecting patient privacy in the wake of a litany of intentional staff breaches.
The hospital said Wednesday the senior post will oversee a revamped privacy policy, recently overhauled amid staunch criticism after five employees snooped into the sensitive health records of 61 patients in 2021.
"We are committed to implementing best practices and addressing past shortcomings related to protecting patient privacy," John Aldis, senior vice-president of finance and corporate services at St. Joe's, said in an emailed statement.
Among the modifications to the hospital's privacy policy are:
- Increased governance over the collection, use and disclosure of personal health information;
- A protocol for responding to privacy breaches;
- Warnings of disciplinary consequences for non-compliance, up to and including termination;
- Mandatory privacy training for all staff, in addition to existing training requirements upon hire;
- And an annual requirement for all staff to attest to confidentiality.
The changes are a response to a string of privacy-related breaches at St. Joe's that have recently come under fire from experts, sparked a probe from Ontario's privacy watchdog and even led to an employee being fired.
Even before this year, the hospital network already boasted among the worst track records in the province for patient file security.
A Spectator analysis in April revealed St. Joe's reported 2,183 privacy breaches to the Information and Privacy Commissioner of Ontario between 2018 and 2020 - the second most in the province.
Internal hospital communication documents shared with The Spectator this week show St. Joe's has struggled to consistently track and monitor privacy breaches properly in recent years because of staff turnover.
"We are unable to determine accurate breach numbers for prior years due to lack of formal tracking and inconsistency in the determination of privacy breaches," reads a media briefing memo sent to senior hospital staff March 17.
"Due to staff departures, the privacy team has completely changed so there are no staff fully aware of legacy practices."
The hospital said Wednesday those gaps in tracking have since been tightened with the addition of its new chief risk, legal and privacy officer and overhauls to its privacy policy.
"We acknowledge that the tracking and recording of privacy incidents are important for a culture of continuous improvement and accountability," Aldis said. "We have improved our systems, ensuring that incidents are tracked, trends identified and breaches are remediated in a timely manner."
Sebastian Bron is a reporter at The Spectator. sbron@thespec.com