back to article Hospital gopher fined for prying into ex's family records

A former healthcare assistant at Royal Liverpool university hospital has been fined £500 and been ordered to pay £1,000 towards prosecution costs after she unlawfully accessed the medical records of five members of her ex-husband's family. Juliah Kechil accessed the records of the five individuals between July and November …

COMMENTS

This topic is closed for new posts.
  1. This post has been deleted by its author

    1. Anonymous Coward
      Thumb Up

      Not really

      Telephone numbers are hardly something you need to hide, and if one of my family members get into an accident in another part of the country, I certainly appreciate that "Ms. Nobody" at the hospital is able to look up their details.

      What is needed - and what was in place here - is an audit trail, so you can fine people for doing things they weren't supposed to.

      You also want to people to be able to drive above the speed limit on the highway in case of an emergency - yet still be able to fine them heavily, if they do so when no emergency was present.

      1. John I'm only dancing

        Like the police?

        Usually on their way to the nearest takeaway. Well it is an emergency.

    2. Anonymous Coward
      Anonymous Coward

      Agreed

      Which is why systems should be put in place that audit the usage of said data and this data should be checked regularly. The individual is responsible for the misuse and is then open to prosecution under the correct laws..

  2. FreeTard

    Phonebook

    Sure she could have looked them up in the book?

    That still works right?

    1. Anonymous John

      The article refers to "new telephone numbers" and "nuisance calls". It's a safe bet they changed numbers and went ex-directory after an acrimonious divorce.

  3. Anonymous Coward
    Anonymous Coward

    More importantly...

    ...did she get the sack?

    1. JimmyPage Silver badge

      It did say

      "former" .....

  4. Winkypop Silver badge
    Coat

    £15 victim surcharge

    It's just not worth being a victim these days...

  5. John Smith 19 Gold badge
    Thumb Up

    So they *can* trace who accessed your data.

    And (unlike say the Police) they actually *do* so on occasion.

    Here's a little suggestion for *all* govt and public service organisations.

    Lets say once a month run a report that cross checks case file access versus staff *assigned* to those cases. Only print staff *not* assigned to case but who have accessed the files.

    Should be a 1 page report saying "There is nothing to report"

    Bet it's not.

    Thumbs up as the hospital did the right thing and should be *encouraged* to do it again.

    1. Anonymous Coward
      Anonymous Coward

      Some already do this...

      There are places that already do this within the NHS, HOWEVER it's not always possible to obtain the data easily as PAS systems are often not linked up to EPR or EMR systems. Yes you can run reports out of both and then have a mechanism for cross checking the results but this is costly... There are happily many systems that will "interface" with one and other and allow you to aggregate the data to do this cheaply...

      PAS - Patient Admin System - Used for booking patients in and out, bed management etc.

      EPR System (also known as EMR - Electronic Medical Record etc) - Electronic Patient Record - Used for recording storing patient demographics and medical history, procedures etc

    2. Rob 5

      "Lets say once a month run a report that cross checks case file access versus staff *assigned* to those cases."

      I was at a DefCon approx. 10 years ago, give or take, where a chap from the US DoD described how they were doing exactly that. Naturally, he didn't go into detail about the frequency with which reports were run, etc.

  6. Tom 38

    Still, £15 fine

    She's unlikely to do that again. How about 3 months at her madge's pleasure?

  7. Anonymous Coward
    Anonymous Coward

    Remember Sarah Keays

    Before the internet a politician called Cecil Parkinson allegedly had a child with a lady called Sarah Keays. The child apparently had medical problems and the paper records came into the possesion of the Sun newspaper. An investigation was able to narrow it down to anyone who worked in the GPs surgery so no-one was prosecuted. Unfortunately I couldn't find a reliable online link to the story. Likewise, in the past this healthcare worker could almost certainly have accessed paper records without leaving an audit trail. I for one am happier with a slightly higher risk of people accessing my records because they are on computer if there is, at the same time, a much higher risk of the person doing so being caught.

  8. Anonymous Coward
    FAIL

    Hmm...

    ". We will always push for the toughest penalties against individuals who abuse this trust."

    Is it just me or is that typical ICO rhetoric....

    Ultimately weightless and hollow... £15 victim surcharge... oh great, 2 packets of fags then...

  9. David 45

    Regulation? Humbug!

    Who watches the watchers?

This topic is closed for new posts.

Other stories you might like