Alberta Doctor Accidentally Leaks The Medical Records Of 7,000 Patients
The Police & AHS are working together to protect your information.
The medical records of thousands of Albertans were leaked because of one doctor’s foolish email practices. More specially, this Calgary doctor exposed the medical records of 7,000 patients by accident after using his personal email for work purposes.
The doctor's name has not been made public at this time, though we can confirm he was working at Calgary’s Richmond Road Diagnostic and Treatment Centre. The incident occurred when the doctor was using his personal Gmail when his account was hacked. The date of the hack itself is not clear, but measures to protect patents are underway as of now.
He was using his Gmail to transmit health information, which is most certainly not allowed in accordance with the Information Security & Privacy policies. According to the release by Alberta Health Services, “conducting clinical business on behalf of AHS and AHS patients using non-AHS issued email accounts” is strictly prohibited.
“While this privacy breach was unintentional and is deeply regretted by the physician, that does not in any way diminish the seriousness of the matter,” said Dr. Francois Belanger, Vice President, Quality & Chief Medical Officer. At present, AHS is working to identify all affected patients and notify them immediately.
Though it is not certain that the hacker has accessed the medical records, the hacking resulted in the loss of documents, therefore the incident constitutes a privacy breach under the Health Information Act (HIA).
The hack is being investigated in collaboration between the Calgary Police Service and AHS with the physician’s cooperation. AHS is working actively to notify everyone who may be impacted and they have provided a telephone line specifically for anyone who needs assistance or information about this incident.
According to the news release, AHS has put a great deal of care into ensuring everyone is aware of the importance of “appropriate access, safeguarding, and encryption of patient information.” As such, they are not taking this incident lightly.
In the interest of protecting the confidentiality of the people affected by the situation, AHS is not releasing any additional information at this time.
If your medical records have been compromised, you will be contacted directly.
As of now, it is unclear what the ramifications will be for the doctor in question. Though, we do know that following protocol carefully is just another thing that definesand that is just as much the case when it comes to how you handle your emails.