Kaiser fires 15 workers for snooping in octuplet mom's medical records
Another eight hospital employees disciplined for improperly accessing Nadya Suleman's files
Computerworld - A Kaiser Permanente hospital located in a Los Angeles suburb has fired 15 employees and reprimanded eight others for improperly accessing the personal medical records of Nadya Suleman, the California woman who gave birth to octuplets in January.
The unauthorized accessing of Suleman's electronic records at the medical center in Bellflower, Calif., violated a California law designed to safeguard the privacy of health care data, according to Kaiser spokesman Jim Anderson, who said the snooping incidents have been reported to the California Department of Public Health.
The improper activities were discovered as a result of increased network monitoring procedures that the hospital implemented in anticipation of the huge public interest in Suleman following the birth of the octuplets, Anderson said.
"We have known since she came into the hospital that at some point, this would be a fairly widely reported story," he said, adding that Kaiser also conducted extra training before Suleman was admitted to the hospital to remind employees about the importance of keeping patient data confidential.
Anderson said Suleman was first notified of the breaches about 10 days ago, initially to inform her that eight people had accessed her records without authorization. She later was told that Kaiser had found that an additional 15 employees had done so. There is little evidence thus far that any of the fired or disciplined workers accessed the files for any reason other than personal curiosity, Anderson said.
Suleman shot into the public and media spotlight when she became only the second person in the U.S. known to have delivered a set of living octuplets. At the time, Suleman was already the mother of six children — a fact that added an element of controversy to the births, fueling even more interest in her.
Data-snooping incidents such as the one at the Kaiser Permanente Bellflower Medical Center highlight the lack of adequate security controls that hospitals and other entities in the health care industry have for protecting patient records, said Deborah Peel, founder and chair of Patient Privacy Rights, a watchdog group in Austin.
"The state of health IT access controls is abysmal, atrocious and outdated," Peel said. She claimed that what happened at Kaiser "can and does happen" on a broad scale at hospitals across the U.S. because of their continued reliance on "primitive" security controls that haven't been updated in decades.
Unlike in industries such as the financial services sector, where role-based access control is the norm rather than the exception, a wide range of workers at health care providers can get access to patient data whether they need to have such access or not, according to Peel.
- Combating Identity Theft in a Mobile, Social World Offering identity theft protection and remediation allows businesses to give their workforce the confidence to efficiently engage while bringing financial reward to the...
- After a Breach: Managing Identity Theft Effectively This white paper from LifeLock Business Solutions notes that FIs in addition to managing fraud should strive to turn a negative event for...
- Combating Identity Fraud in a Virtual World This slide presentation reveals findings from the Javelin Strategy & Research 2012 Identity Fraud Report about mobile and social trends, the real risks...
- Securing Mobile App Data - Comparing Containers and App Wrappers Analysts agree that Mobile Device Management (MDM) is not enough when it comes to securing app data. Although it remains a critical component...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Accelerate your innovation with IBM Bluemix™ Join us for a webcast introducing the new IBM BluemixTM. IBM Bluemix (www.bluemix.net) is a developer oriented Platform as a Service (PaaS) environment... All Privacy White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!