When curiosity kills professional conduct
22 Jun 2020

When curiosity kills professional conduct
When a well known musician's COVID-19 became headline news, a hospital had to investigate a possible leak.
The case
A well-known rock band cancelled their tour and left the country with a plan to self-isolate at home. Prior to their departure, the lead singer became acutely unwell requiring hospitalisation and treatment after testing positive to COVID-19.
No one knew the singer had remained in Australia – so when the star’s diagnosis was splashed across the front page of a gossip magazine, the hospital had no choice but to investigate the leak. The article included specific clinical information that could only have been known by accessing the patient’s medical record.
The investigation
Several doctors at the hospital were asked to explain why they had apparently accessed the famous musician’s medical records. Although the investigation was being conducted by the hospital, the doctors were advised that they could be referred to the Australian Health Practitioner Regulation Agency if they were found to have breached hospital policy in relation to privacy.
What if I accessed the record?
With so much personal health information being stored online, regular audits are conducted within hospitals to ensure there is accountability when it comes to patient privacy. At MDA National, we have assisted several doctors who have been investigated for looking at the medical records of their partners, other family members, or ‘celebrity’ patients.
Significant penalties can apply if you’re found to have accessed medical records without clinical justification. In addition, there can be serious consequences at work – including disciplinary action, and even dismissal.
Medical practitioners working in hospitals should ensure they only access records and other health information about a patient when involved in the care of that patient, or for a purpose approved under hospital policy.
Things to think about
- Ignorance is a poor defence if you knowingly breach a patient’s privacy. Ensure that you know your hospital’s policy on privacy, as it’s not enough to claim you were unaware of its existence.
- Make sure you log out after accessing your patient’s records so that your login credentials cannot be used inappropriately by anyone else. There are many good reasons to protect your electronic footprint, and patient privacy is certainly one of them.
- If there is a universal login ID, ensure that you only access records where you’re personally involved in a patient’s care, or you have been directed to do so by someone senior.
- If you believe there is a genuine educational or other reason for you to access patient information, discuss this with your supervisor and document the discussion before accessing the notes.
- Remember that the bigger the celebrity, the greater the risk that their personal health will be inappropriately accessed, and an electronic audit trail examined.
Reportable Deaths and Coronial Matters
MDA National's Daniel Spencer (Case Manager - Solicitor) and Karen Lam (Medico-Legal Adviser) discuss when a person's death should be reported to the Coroner and what to do if the Coroner requests a statement or report.
15 May 2025
Death Certificates
When a doctor can write a death certificate (where the death does not need to be reported to the Coroner), considerations when writing the death certificate and how to complete it accurately.
15 May 2025
Communication in healthcare teams
Why good and effective communication is a vital part of delivering quality and safe patient care
15 May 2025

Doctors, Let's Talk: Setting Boundaries At Work
A conversation with Nicola Campbell, Psychiatry Registrar, that explores the necessity of setting professional boundaries as a Junior Doctor.
07 Dec 2022