Medical records safety isn't limited to the United States, as the former mayor of Toronto, Rob Ford, has recently discovered. According to Canadian news source CTV, the politician's private information has been a repeated target of privacy violations, not by unknown hackers but hospital staff. In the U.S., practices should heed this as a sign to work more stringently against possible HIPAA violations.
The local Ontario policy that parallels HIPAA, the Personal Health Information Privacy Act or PHIPA, requires patient consent before personal medical data is used, but Ford has reportedly suffered this on four separate occasions.
Ford's most recent privacy breach is said to involve seven members of the staff at the United Health Network, an organization which witnessed more than 130 privacy violations in 2014 alone, as the Toronto Star notes.
That source also features comments from Brian Beamish, Acting Commissioner for the Office of the Information and Privacy Commissioner of Ontario, who placed these events in context with the other UHN breaches.
"This is a very disappointing development in light of the other health information privacy breaches that have occurred over the last year, which should have also served as a cautionary tale," he said. Ford was diagnosed with cancer in 2014: Since then, multiple hospitals have been involved in what the Star called Ford's "privacy breach saga" in a different article.
Even though PHIPA and HIPAA are not analogous, medical centers put themselves at risk when any breach can be traced back to employees, especially one involving a high-profile patient.
A hospital consultant could address the problems present in one specific location and potentially prevent future privacy-related breach issues from coming to pass, through staff education, implementing proper IT procedures or another service that corresponds to critical behavior.