• Join or Renew
  • Login
  • Canadian Nurses Protective Society 1-800-267-3390
  • Twitter
  • Facebook
  • LinkedIn
Canadian Nurses Protective Society
  • Services
    • Services
    • Core Services and Professional Liability Protection
    • Supplementary Protection
    • Am I Eligible?
    • In need of urgent legal information?
  • Education & Resources
    • Education & Resources
    • Publications
    • Communities of Practice
    • Nursing Students
    • The NP Corner
    • Operating a business or independent practice?
    • Case Studies
  • News & Events
    • News & Events
    • Webinars
    • News
  • About Us
    • About Us
    • A Message from the CEO
    • Board of Directors
    • Who we are
    • Frequently Asked Questions
    • Careers
    • CNPS Member Organizations
  • COVID-19
Canadian Nurses Protective Society 1-800-267-3390
  • Need Urgent Advice?

Case Study: Protecting the privacy of personal health information

Canadian Nurses Protective Society > Education & Resources > Case Studies > Case Study: Protecting the privacy of personal health information

Protecting the privacy of personal health information

In January of last year, a woman, who was in the midst of divorce proceedings, was admitted to the hospital for heart surgery. When admitted, she was very concerned because she knew that her estranged husband, a non-nurse, and his new girlfriend, a Registered Nurse (RN), were employees of the hospital where she was being treated. The patient informed the admitting staff, her nurses, and physicians that she did not want her estranged husband or his new girlfriend to know that she was a patient at the hospital nor to have access to her personal health information. As an added precaution, she was admitted to the hospital using her pre-marriage name.[1]

After she was discharged from the hospital, the patient learned, through conversations with her estranged husband, that he was aware that she had been hospitalized and he was privy to the details of her treatment. The patient was upset by what she felt was a privacy intrusion. After thinking about the matter for a few days, the patient filed a formal complaint with the hospital alleging that there had been unauthorized access of her health records by her estranged husband and his girlfriend.

In response to the complaint, the hospital’s Chief Privacy Officer immediately flagged the woman’s electronic medical record and audited all access to the file. This meant that a report would be sent to the hospital’s Chief Privacy Officer each time the file was viewed and anyone accessing the file would be informed that the file was being closely monitored. The hospital also initiated an investigation which found that the estranged husband and his girlfriend had accessed this patient’s computerized hospital record 10 times and the access by both was unjustified. The estranged husband was not a nurse, and although his girlfriend was an RN, she was not a member of the patient’s health-care team and therefore did not have authorized access. Consequently, the estranged husband, who had been employed by the hospital for 21 years, received a 10-day suspension without pay. The RN (girlfriend), who had an unblemished 24-year career at the hospital, was suspended without pay for four weeks. Both employees were required to attend privacy classes and notified that their conduct would be monitored on an ongoing basis by their manager.

The Chief Privacy Officer informed the patient of the findings and the outcome of the hospital’s investigation. The patient has now retained a lawyer to advise her about her legal options relating to this situation.

Resources

The following links to infoLAWs will help you to answer the quiz: Confidentiality of Health Information, Legal Risks in Nursing, Privacy. The Code of Ethics for Registered Nurses will also be of assistance.

[1] Names, characters and locations in this article are fictitious. Any resemblance to actual persons, living or dead, or actual events is purely coincidental.

THIS PUBLICATION IS FOR INFORMATION PURPOSES ONLY. NOTHING IN THIS PUBLICATION SHOULD BE CONSTRUED AS LEGAL ADVICE FROM ANY LAWYER, CONTRIBUTOR OR THE CNPS. READERS SHOULD CONSULT LEGAL COUNSEL FOR SPECIFIC ADVICE.


Case Study Quiz: Protecting the privacy of personal health information

Education & Resources

  • Register to access case studies, quizzes, and more!
  • Case Studies
  • Operating a business or independent practice?
  • Publications
  • The NP Corner
  • Nursing Students
Canadian Nurses Protective Society
  • Terms of Use
  • FAQs
  • Careers
  • Newsletter
  • Join or Renew
© 2023 Canadian Nurses Protective Society
  • Contact Us
  • Accessibility Statement
  • CNPS Privacy Policy
  • Login