So apparently George Clooney was in a motorcycle accident recently (it was news to us, too) and he and his companion were taken to a northern New Jersey hospital for treatment. Well, it seems that the state of Clooney’s rib (world’s sexiest rib?) is quite a juicy piece of info — and someone leaked it to the press. The hospital investigated the leak and says it found 27 people — doctors and nurses included — who had accessed Clooney’s file without authorization. And now those 27 people have been suspended for a month without pay.
Does the punishment fit the infraction? And would the penalty have been this severe if the file in question hadn’t been someone famous? For his part, Clooney says he’d prefer that the hosptial would resolve the issue without the suspensions.
A related question: do electronic health records make this kind of unauthorized access more or less likely? Presumably any system handling this kind of info would be encrypted and have strict access controls. But as people have come to find in the digital age, electronic information seems to live forever — and even secure systems fail (every other month there seems to be a breach in some sort of database containing sensitive info). Or, to put it a different way, should you trust Microsoft to keep your health information safe?
Earlier on blog.bioethics.net:
+ Bush: “[Electronic Health Records Must Be] Secure & Private (Except When They Aren’t)
+ HIPAA Gutted Again – the Sound and Fury of Patient Privacy Laws in the U.S.
-Greg Dahlmann