When Curiosity Could Send the Cat to Jail: Snooping in Medical Records Is a Privacy Breach
September 16, 2016 | Strategic Insights for Ambulatory Care
A worker at a doctor's office snooping into a neighbor's medical record to find out why he or she saw the doctor, or a hospital staffer looking at patient records to find out what happened after seeing an incident such as a shooting on the news: both of these are privacy breaches, according to an August 1, 2016, article in ModernMedicine. Snooping may seem "harmless," the author said, but even if the employee doesn't do anything with the information, it's still a privacy breach. Privacy is also breached when an employee takes patient information with him or her after leaving a practice in order to "take patients to" the new employer. Many electronic health records (EHRs) have an audit function that can show who is opening files, the author said, which can mitigate the harm from snooping. Another suggestion to mitigate the risk, according to a legal expert quoted in the article, is random monthly checks on each employee through the EHR to see whether any "unusual patterns are observed."