Articles and Case Studies

When curiosity kills professional conduct

22 Jun 2020

Janet Harry

by Ms Janet Harry

Eyes

When curiosity kills professional conduct

When a well known musician's COVID-19 became headline news, a hospital had to investigate a possible leak.

 

The case

A well-known rock band cancelled their tour and left the country with a plan to self-isolate at home. Prior to their departure, the lead singer became acutely unwell requiring hospitalisation and treatment after testing positive to COVID-19.

No one knew the singer had remained in Australia – so when the star’s diagnosis was splashed across the front page of a gossip magazine, the hospital had no choice but to investigate the leak. The article included specific clinical information that could only have been known by accessing the patient’s medical record.

The investigation

Several doctors at the hospital were asked to explain why they had apparently accessed the famous musician’s medical records. Although the investigation was being conducted by the hospital, the doctors were advised that they could be referred to the Australian Health Practitioner Regulation Agency if they were found to have breached hospital policy in relation to privacy.

 

What if I accessed the record?

 

With so much personal health information being stored online, regular audits are conducted within hospitals to ensure there is accountability when it comes to patient privacy. At MDA National, we have assisted several doctors who have been investigated for looking at the medical records of their partners, other family members, or ‘celebrity’ patients.

Significant penalties can apply if you’re found to have accessed medical records without clinical justification. In addition, there can be serious consequences at work – including disciplinary action, and even dismissal.

Medical practitioners working in hospitals should ensure they only access records and other health information about a patient when involved in the care of that patient, or for a purpose approved under hospital policy.

 

Things to think about

  • Ignorance is a poor defence if you knowingly breach a patient’s privacy. Ensure that you know your hospital’s policy on privacy, as it’s not enough to claim you were unaware of its existence.
  • Make sure you log out after accessing your patient’s records so that your login credentials cannot be used inappropriately by anyone else. There are many good reasons to protect your electronic footprint, and patient privacy is certainly one of them.
  • If there is a universal login ID, ensure that you only access records where you’re personally involved in a patient’s care, or you have been directed to do so by someone senior.
  • If you believe there is a genuine educational or other reason for you to access patient information, discuss this with your supervisor and document the discussion before accessing the notes.
  • Remember that the bigger the celebrity, the greater the risk that their personal health will be inappropriately accessed, and an electronic audit trail examined.

Communication with Patients, Confidentiality and Privacy, Complaints and Adverse Events, Medical Records and Reports
 

Library

Telehealth Q&A

Learn from the telehealth questions hospital-based doctors asked MDA National earlier this year. From managing a procedure follow up, to what you need to consider when using a personal phone for a consultation.

Podcasts

27 Jun 2020