[BreachExchange] Health practitioner fined $30, 000 after accessing patient records for personal reasons

[Terrell Byrd]

https://www.nzherald.co.nz/nz/health-practitioner-fined-30000-after-accessing-patient-records-for-personal-reasons/N6XWLJBUPK6SPWKDB4YNZBMUYY/

A health practitioner has been ordered to pay $30,000 after accessing a
number of patient records for personal reasons.

In May of this year, the Health Practitioners Disciplinary Tribunal
Decision examined a charge laid by a Professional Conduct Committee against
a registered medical practitioner referred to as Dr N.

The charge alleged that the practitioner had acted in breach of their
"ethical obligations".

In 2017 Dr N had accessed over 30 patient records, many of which were not
in her care.

During January 1 and November 13, 2017, Dr N accessed the electronic
clinical records of 21 people who were not her patients.

"The information accessed and reviewed included referral screens, progress
notes and reports, free text letters, psychiatric assessments and
discharge/transfer summaries," the decision stated.

During this time the practitioner accessed the electronic clinical records
of 13 people for personal reasons. She also accessed patients' electronic
clinical records with their consent while they were not under her care.

"The Practitioner also provided a former friend with photos of two mental
health risk assessments concerning a patient.

"This included details such as his date of birth, NHI number, the current
risk of suicide and violence, previous diagnoses and proposed management
plan."

Between January 1 and November 13, 2017, an audit found Dr N accessed the
records of 35 patients when there was no clinical reason for her to have
access to the records.

The decision said accessing patient notes became an anxiety-driven
compulsion.

"It gave the Practitioner a sense of control and turned the unknown into
something more manageable.

"It became a ritual when she was fearful, and she was uncertain if people
were who they claimed to be," the decision stated.

During the hearing, Dr N did not dispute the charge or the misconduct.

"The Practitioner's actions undermined patient confidence in the
confidentiality of the doctor/patient relationship."

The Tribunal found that each particular charge amounted to malpractice,
including ones where patient consent was given.

Dr N has been ordered to pay $30,000.00, alongside an audit of her access
to patient records every three months.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20211221/84eb2991/attachment.html>