U of I Hospital employee fired, others suspended for snooping

From Modern Healthcare:

Officials at University of Iowa Hospitals and Clinics are stepping up employee training and enforcement on patient privacy in the wake of a discovery that at least eight employees inappropriately accessed the records of a patient in the past month.

One person at the 653-bed hospital in Iowa City was terminated as a result of the discovery, and seven others were given five days unpaid leave. The security breach was discovered as part of a routine review of confidential patient records accessed by hospital staff, hospital spokesman Tom Moore said.

In a written statement, hospital Chief Executive Officer Ken Kates vowed to increase staff training, although he noted that all employees and volunteers are already required to sign an annual statement saying they understand the hospital’s patient-privacy policy.

Although the investigation is ongoing, Moore said the breach is believed to have only involved accessing records, not disseminating the information gleaned. Asked whether the incident involved the records of any well-known person, as privacy violations at other hospitals have recently, Moore declined to comment: “We feel it would be inappropriate to provide details about the patient identity. … These cases often involve celebrities or perhaps acquaintances.