Kaiser fires 15 workers for snooping in octuplet mom's medical records
Another eight hospital employees disciplined for improperly accessing Nadya Suleman's files
Computerworld - A Kaiser Permanente hospital located in a Los Angeles suburb has fired 15 employees and reprimanded eight others for improperly accessing the personal medical records of Nadya Suleman, the California woman who gave birth to octuplets in January.
The unauthorized accessing of Suleman's electronic records at the medical center in Bellflower, Calif., violated a California law designed to safeguard the privacy of health care data, according to Kaiser spokesman Jim Anderson, who said the snooping incidents have been reported to the California Department of Public Health.
The improper activities were discovered as a result of increased network monitoring procedures that the hospital implemented in anticipation of the huge public interest in Suleman following the birth of the octuplets, Anderson said.
"We have known since she came into the hospital that at some point, this would be a fairly widely reported story," he said, adding that Kaiser also conducted extra training before Suleman was admitted to the hospital to remind employees about the importance of keeping patient data confidential.
Anderson said Suleman was first notified of the breaches about 10 days ago, initially to inform her that eight people had accessed her records without authorization. She later was told that Kaiser had found that an additional 15 employees had done so. There is little evidence thus far that any of the fired or disciplined workers accessed the files for any reason other than personal curiosity, Anderson said.
Suleman shot into the public and media spotlight when she became only the second person in the U.S. known to have delivered a set of living octuplets. At the time, Suleman was already the mother of six children — a fact that added an element of controversy to the births, fueling even more interest in her.
Data-snooping incidents such as the one at the Kaiser Permanente Bellflower Medical Center highlight the lack of adequate security controls that hospitals and other entities in the health care industry have for protecting patient records, said Deborah Peel, founder and chair of Patient Privacy Rights, a watchdog group in Austin.
"The state of health IT access controls is abysmal, atrocious and outdated," Peel said. She claimed that what happened at Kaiser "can and does happen" on a broad scale at hospitals across the U.S. because of their continued reliance on "primitive" security controls that haven't been updated in decades.
Unlike in industries such as the financial services sector, where role-based access control is the norm rather than the exception, a wide range of workers at health care providers can get access to patient data whether they need to have such access or not, according to Peel.
- Path Selection Infographic Path Selection Infographic
- Hyperconvergence Infographic A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- Preparing Your Infrastructure for the Hyperconvergence Era From cloud computing and virtualization to mobility and unified communications, an array of innovative technologies is transforming today's data centers.
- How WAN Optimization Helps Enterprises Reduce Costs If you wanted to break down innovation into a tidy equation, it might go something like this: Technology + Connectivity = Productivity. Productivity...
- Live Webcast Best Practices: How to Improve Business Continuity with Virtualization VMware solutions include a range of business continuity capabilities to help ensure availability for applications across your virtualized environment. Learn More>>
- Live Webcast
Transforming Finance, Procurement and Supply Chain Effectiveness with Cross-Functional Analytics
Date: May 6th, 2014
Time: 1 PM EDT
Attend this Webcast to find out how Oracle's packaged analytic applications enable line-of-business managers to examine all...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users? All Knowledge Center White Papers | Webcasts