Our Lady of the Angels Hospice has learnt a former worker retrieved the medical files of 1,140 patients without approval.
The worker had been allowed access to the PHI so as to carry out work duties; however, hospital workforce became conscious the worker was retrieving medical files without any genuine work reason to do so.
The wrong access was learnt on July 25, 2017, and the worker’s entrance to the medical documentation system was instantly ended, as was the worker.
President and CEO, Rene Ragas, Our Lady of the Angels Hospital, stated, “Patient secrecy is a top urgency and we have a zero-tolerance rule for workers who wrongly retrieve patient files.”
A comprehensive inquiry was carried out to decide which patients had been affected, which disclosed the former worker had been wrongly retrieving the medical files of patients for over 3 years.
The Bogalusa, LA hospice was bought by the Franciscan Priests of Our Lady Health System on March 17, 2014, which is the day given for when the wrong access first began. A representative for the hospice verified to Becker’s Hospice Review that the wrong access might have been happening for as many as 15 years when the hospice was controlled by LSU Health in the title LSU Bogalusa Medical Center.
The worker was asked regarding the wrong access and it doesn’t seem that any PHI was disclosed to any other people or was used wrongly. This seems to be one more instance of a healthcare worker accessing medical files out of curiosity.
Although data thievery and abuse is not doubted, out of an abundance of carefulness, all patients whose secrecy was infringed have been provided 12 months of credit checking services free of charge.
The kinds of info retrieved by the former worker include names, phone numbers, addresses, gender, dates of birth, social security numbers, insurance information, diagnoses, places of services, dates of services, and clinical information like orders, medicines, test results, and clinical abstracts.
Our Lady of the Angels Hospice is studying procedures and policies and will be reviewing its audit procedures to make sure any future secrecy breaches of this type are known more quickly. Further training is also being offered to workers regarding the security and privacy of PHI.