UCLA Medical Center has fired 13 workers, will suspend six more, and is set to discipline six doctors for looking at Britney Spear’s computerized medical records without authorization. Hospital officials said this also happened in September, 2005 when she had Sean Preston at that hospital. Instead of installing a security system with multiple levels of access on their computer records, they’re blaming the people who looked at them when they left them wide open. I know people shouldn’t be snooping like that and they’re entirely to blame, but it’s lame of the hospital not to have done something about it the first time and to think the solution is to let heads roll. It’s human nature to snoop like that and they need to hire a programmer because this is going to happen no matter who they fire.
The hospital says that only Britney’s non-psychiatric records were accessible to staff. When anyone uses the system it’s easy to see what they’re looking at, because there’s an audit trail created with their PIN number.
The union for the hospital workers is pissed that only workers at a lower level, and no doctors, are getting fired for the same offense.
Unlike UCLA, Cedars-Sinai Medical Center has a system that lets them limit access to certain records only to people who are authorized to view them. That sounds a hell of a lot cheaper to install than having to hire 13 new workers just because they were nosy.
This isn’t an issue of selling information to the tabloids, either, at least according to the hospital. They say “there is no evidence that any employee leaked information to the media or sold it,” and considering that her psychiatric records were in a separate system, there probably wasn’t much dirt there anyway.
Listen to how UCLA staff spins this to make it sound like they’re doing something about it. There is no mention of installing security measures to limit access, they think that they should trust people and then fire them afterwards:
Questioned about the breaches, officials acknowledged that it was not the first time UCLA had disciplined workers for looking at Spears’ records. Several were caught prying into records after Spears gave birth to her first son, Sean Preston, in September 2005 at Santa Monica-UCLA Medical Center and Orthopaedic Hospital, officials said. Some were fired.
“It’s not only surprising, it’s very frustrating and it’s very disappointing,” said Jeri Simpson, the Santa Monica hospital’s director of human resources, who handled the discipline in the first instance.
“I feel like we do everything that we possibly can to ensure the privacy of our patients and I know we feel horrible that it happened again.”
Simpson said UCLA treats celebrities “all the time and you never hear about this.”
“I don’t know what it is about this particular person, I don’t know what it is about her,” she added, referring to Spears.
Hoping to head off such problems, UCLA officials sent a memo the morning Spears was hospitalized Jan. 31, reminding employees that they were not allowed to peruse records unless directly caring for a patient. Spears, 26, was not specifically mentioned.
“Each member of our workforce, which includes our physicians, faculty, employees, volunteers and students, is responsible to ensure that medical information is only accessed as required for treatment, for facilitating payment of a claim or for supporting our healthcare operations,” chief compliance and privacy officer Carole A. Klove wrote in an e-mail to all employees.
“Please remember that any unauthorized access by a workforce member will be subject to disciplinary action, which could include termination.”…
Klove declined to discuss specifics of the most recent incidents, citing privacy protections for patients and workers. But she did say the hospital began taking disciplinary actions immediately upon discovering each breach.
“Right from the minute she came in, audits were continually being done,” she said. “We watch this all the time. We have people dedicated to looking at records to monitor access.”
When employees look at a patient’s records electronically, they leave an electronic trail. “We advise all of our workforce that their password is their PIN for lack of a better analogy, and it is their signature,” Klove said. When it is used, the systems track which screens they view and for how long.
[From The LATimes]
It sounds like that audit trail is working really well for you, UCLA medical center. /End rant on corporate stupidity.
In related news, staff on the set of “How I Met Your Mother,” in which Britney will guest star, are wearing wristbands to make sure that unauthorized people don’t gain access to the set while the pop star is there. Star Neil Patrick Harris said he was even denied entry to the stage once when the security teams changed and didn’t recognize him.
Britney is shown shopping at the Beverly Center yesterday. I wonder if her $1,500 a week allowance rolls over to the next week of if she’s got to use it or lose it. Thanks to WENN for these photos.
Firing employees for just looking at records widely accessible? Is there a better way to fester a relationship between the staff and the bosses?
Have you ever heard of HIPAA? Medical information is PRIVATE.
A hospital employee who is snooping without any real reason, should be fired permanently. I do not feel sorry for these hospital workers, they were just being nosy and deserve to be fired.
I think they should have been reprimanded not fired but then again, they knew damn well not to be in the medical files of people whose cases they were not directly involved in.
When I worked for a wireless company, we were told many times during the training process to not even look at the accounts of people we knew else we would be fired and I never did as tempting as it was.
The fact is these people let their curiosity overrule common sense and the privacy of their patients despite knowing it could mean their jobs. The practically fired themselves.
Firing them was absolutely the correct thing.
Since it is a serious breach of privacy, I think they should also be prosecuted. That might possibly teach them a lesson, since obviously they are horrible people without a shred of manners or compassion, and don’t understand the whole “treat others with kindness” thing that we were all supposed to learn as children.
I agree that UCLA needs to update their system (especially if they “treat celebs all the time”), but I also say fire those idiots.
I would be furious if I found out I couldn’t trust my DOCTOR and the clinic where she worked. That’s one of the most vulnerable positions we can be in and we have complete blind-faith that those people wont screw us over.
No sympathy. Just because the system isn’t fool proof, as evidenced by the fools who accessed it, doesn’t excuse their breaching of confidential information just for their own amusement or curiousity. I’d hate to think someone would do the same to me. And if they are untrustworthy enough to breach it by reading, knowing better, who’s to say they wouldn’t leak as well?
No pity; they should have kept to their obligations on their job.
I also think the higher ups should be handled the same as well. A higher education obviously didn’t keep them from lowering themselves. Let them explain that to a new employer. Just because a floor sweeper is easier to replace doesn’t mean a doctor gets carte blanche to do as he pleases. Accountability peeps. Just ask Spitzer.
They may not have an easy time getting another job in this field if a reference from the previous employer is required. Why would want to hire untrustworthy people like that anyway? They brought it on themselves. They could have sold that info. to the tabloids among other things and profited. They knew better too. I have absolutely NO sympathy for them.
It doesn’t matter who Britney Spears is, how famous she is, or what she has done – she is entitled to the same medical privacy that the rest of us are.
Many years back the hospital I worked at had similar problems (before the stronger HIPPA codes):
1. Something happened to somebody that the media was doing backflips to write about. We all had to attend ‘the meeting’ where we were told about how they’d know everyone that accessed the patient’s digital records, and anyone that accessed them that wasn’t a direct caregiver during that shift risked losing their jobs.
Although different levels of licenses had varying amounts of access, housekeeping and kitchen staff could still access many areas in the program. Those positions didn’t have as much to lose as licensed employees that spent many years in school and building up their careers if they accessed the files and were caught.
2. Occasionally there’d be a patient whose circumstances required anonymity because of threats to them. They had a system for this, but they found it was a very weak system when someone with a half a brain was very determined to find someone.
They had a pretty decent system in place to prevent kidnappings of babies and kids, and ran occasional drills, then had post-drill meetings to analyze weaknesses. They’d also review kidnapping cases after hearing about it in other places in a US hospital. So you’d think that hospitals would use the ‘learn from other hospitals mistakes’ lessons to come up with better anonymity systems. Similar stories have been in the media with other celebrities.
If you ever want to hear a reader’s feedback đŸ™‚ , I rate this article for 4/5. Detailed info, but I have to go to that damn msn to find the missed parts. Thanks, anyway!