RETURN TO MAIN BLOG
In a recent practice alert issued by PDL, Principal Kellie Dell’Oro and Solicitor Jeremy Smith of Meridian Lawyers provided essential guidance to Australian health practitioners regarding the protection of patients’ sensitive health information. They highlighted the crucial need for caution, noting that even with stringent measures, inadvertent breaches can occur.
Meridian Lawyers often assist practitioners and organizations who have accidentally disclosed or misplaced patient information. Such errors may occur through simple missteps, like emailing attachments to the incorrect recipient or misplacing a USB containing health records intended for a specific patient.
A report from the Office of the Australian Information Commissioner (OAIC) in late February 2020 revealed that there were 117 data breaches involving sensitive health information over a six-month period, reported by health service providers across the country. These breaches required notification due to the lack of timely remedial actions, which could lead to significant harm to the individuals affected.
The breaches often resulted from cyber-attacks or the physical theft of medical records, which may be challenging for individual practitioners to prevent. However, nearly half of these incidents stemmed from human errors, such as sending information to the wrong email address, accidental releases or publications of sensitive information, or losing physical files or devices containing medical records. These are preventable mistakes that health service providers need to address more effectively.