Alfred Health apologises to more than 7,000 patients over privacy breach

The healthcare worker was viewing the medical records but was not directly involved.

Australian-based Alfred Health wrote an apology to more than 7,000 patients after a healthcare worker viewed patient medical records but was not directly involved in their care.

Alfred Health chief executive Prof Andrew Way said viewing patient information without a direct clinical reason is a breach of privacy and completely unacceptable.

“We deeply value the relationship we have with our patients, and the trust they put in us, and we unreservedly apologise for the healthcare worker’s misconduct,” Way said in a statement.

“We have written to every patient whose medical record was accessed without authority, and we have invited them to call our dedicated hotline if they would like additional information or support," he added.

Whilst cybersecurity experts reviewing the privacy-matter found no evidence of the download or use of patient information, the former worker’s behaviour was a fundamental breach of professional standards.

There is no evidence that the now-former employee received a copy of any data, shared data online or otherwise misused patient data.

The health service is seeing if there is a technology to improve the detection of unusual behaviour in the electronic medical record system, whilst still ensuring seamless access for time-critical patient care.