• Join or Renew
  • Login
  • Canadian Nurses Protective Society 1-800-267-3390
  • Twitter
  • Facebook
  • LinkedIn
Canadian Nurses Protective Society
  • Services
    • Services
    • Professional Liability Protection and Core Services
    • Supplementary Protection
    • Am I Eligible?
    • In need of urgent legal information?
  • Education & Resources
    • Education & Resources
    • Publications
    • Communities of Practice
    • Nursing Students
    • The NP Corner
    • Operating a business or independent practice?
    • Case Studies
  • News & Events
    • News & Events
    • Webinars
    • News
  • About Us
    • About Us
    • A Message from the CEO
    • Board of Directors
    • Who we are
    • Frequently Asked Questions
    • Careers
    • CNPS Member Organizations
Canadian Nurses Protective Society 1-800-267-3390
  • Need Urgent Advice?

Case Study: Protecting the privacy of personal health information

Canadian Nurses Protective Society > Education & Resources > Case Studies > Case Study: Protecting the privacy of personal health information

A woman was admitted to the hospital for heart surgery. When admitted, she was very concerned because she knew that her estranged husband, a non-nurse, and his new girlfriend, a Registered Nurse (RN), were employees of the hospital where she was being treated. The patient informed the admitting staff, her nurses, and physicians that she did not want her estranged husband or his new girlfriend to know that she was a patient at the hospital nor to have access to her personal health information. As an added precaution, she was admitted to the hospital using her pre-marriage name.

After she was discharged from the hospital, the patient learned, through conversations with her estranged husband, that he was aware that she had been hospitalized and he was privy to the details of her treatment. The patient was upset by what she felt was a privacy intrusion. After thinking about the matter for a few days, the patient filed a formal complaint with the hospital alleging that there had been unauthorized access to her health records by her estranged husband and his girlfriend.

In response to the complaint, the hospital’s Chief Privacy Officer immediately flagged the woman’s electronic medical record and audited all access to the file. This meant that a report would be sent to the hospital’s Chief Privacy Officer each time the file was viewed and anyone accessing the file would be informed that the file was being closely monitored. The hospital also initiated an investigation which found that the estranged husband and his girlfriend had accessed this patient’s computerized hospital record 10 times and the access by both was unjustified. The estranged husband was not a nurse, and although his girlfriend was an RN, she was not a member of the patient’s health-care team and therefore did not have authorized access. Consequently, the estranged husband, who had been employed by the hospital for 21 years, received a 10-day suspension without pay. The RN (girlfriend), who had an unblemished 24-year career at the hospital, was suspended without pay for four weeks. Both employees were required to attend privacy classes and notified that their conduct would be monitored on an ongoing basis by their manager.

The Chief Privacy Officer informed the patient of the findings and the outcome of the hospital’s investigation. The patient has now retained a lawyer to advise her about her legal options relating to this situation.

Resources

The following links to infoLAWs will help you to answer the quiz: Confidentiality of Health Information, Legal Risks in Nursing, Privacy. The Code of Ethics for Registered Nurses will also be of assistance.

[1] Names, characters and locations in this article are fictitious. Any resemblance to actual persons, living or dead, or actual events is purely coincidental.

THIS PUBLICATION IS FOR INFORMATION PURPOSES ONLY. NOTHING IN THIS PUBLICATION SHOULD BE CONSTRUED AS LEGAL ADVICE FROM ANY LAWYER, CONTRIBUTOR OR THE CNPS. READERS SHOULD CONSULT LEGAL COUNSEL FOR SPECIFIC ADVICE.


Case Study Quiz: Protecting the privacy of personal health information

Education & Resources

  • Register to access case studies, quizzes, and more!
  • Case Studies
  • Operating a business or independent practice?
  • Publications
  • The NP Corner
  • Nursing Students
Canadian Nurses Protective Society
  • Terms of Use
  • FAQs
  • Careers
  • Newsletter
  • Join or Renew
  • Login
© 2025 Canadian Nurses Protective Society
  • Contact Us
  • Accessibility Statement
  • CNPS Privacy Policy

Before you start, please have on hand:

1. If you are renewing, the email address you used to register for CNPS PLP in 2022 (your 2022-2023 CNPS receipt would have been sent to that email address).

2. Your CRNA permit number (found in the top-right corner of College Connect when you are logged in).

3. If you are a member of the Alberta Association of Nurses (AAN), your AAN membership number. If you would like to receive the CNPS group rate, please visit www.albertanursing.ca and join/renew before beginning your CNPS registration.

By clicking on this link and completing my registration, I understand that if I decide to join the AAN later on, the CNPS is unable to refund my individual rate registration.

I accept and continue