Connect with us

News

Attempts to access Kate Middleton’s medical records are no surprise. Such breaches are all too common

Published

on

FILE: A close look reveals at least eight inconsistencies with the image. (Photo: princeandprincessofwales/Instagrarm)

The alleged data breach involving Catherine, Princess of Wales tells us something about health privacy. If hospital staff can apparently access a future queen’s medical records without authorisation, it can happen to you.

Indeed it may have already happened to you, given many breaches of health data go under the radar.

Here’s why breaches of health data keep on happening.

What did we learn this week?

Details of the alleged data breaches, by up to three staff at The London Clinic, emerged in the UK media this week. These breaches are alleged to have occurred after the princess had abdominal surgery at the private hospital earlier this year.

The UK Information Commissioner’s Office is investigating. Its report should provide some clarity about what medical data was improperly accessed, in what form and by whom. But it is unlikely to identify whether this data was given to a third party, such as a media organisation.

Health data isn’t always as secure as we’d hope

Medical records are inherently sensitive, providing insights about individuals and often about biological relatives.

In an ideal world, only the “right people” would have access to these records. These are people who “need to know” that information and are aware of the responsibility of accessing it.

Best practice digital health systems typically try to restrict overall access to databases through hack-resistant firewalls. They also try to limit access to specific types of data through grades of access.

This means a hospital accountant, nurse or cleaner does not get to see everything. Such systems also incorporate blocks or alarms where there is potential abuse, such as unauthorised copying.

But in practice each health records ecosystem – in GP and specialist suites, pathology labs, research labs, hospitals – is less robust, often with fewer safeguards and weaker supervision.

This has happened before

Large health-care providers and insurers, including major hospitals or chains of hospitals, have a worrying history of digital breaches.

Those breaches include hackers accessing the records of millions of people. The Medibank data breach involved more than ten million people. The Anthem data breach in the United States involved more than 78 million people.

Hospitals and clinics have also had breaches specific to a particular individual. Many of those breaches involved unauthorised sighting (and often copying) of hardcopy or digital files, for example by nurses, clinicians and administrative staff.

For instance, this has happened to public figures such as singer Britney Spears, actor George Clooney and former United Kingdom prime minister Gordon Brown.

Indeed, the Princess of Wales has had her medical privacy breached before, in 2012, while in hospital pregnant with her first child. This was no high-tech hacking of health data.

Hoax callers from an Australian radio station tricked hospital staff into divulging details over the phone of the then Duchess of Cambridge’s health care.

Tip of the iceberg

Some unauthorised access to medical information goes undetected or is indeed undetectable unless there is an employment dispute or media involvement. Some is identified by colleagues.

Records about your health might have been improperly sighted by someone in the health system. But you are rarely in a position to evaluate the data management of a clinic, hospital, health department or pathology lab.

So we have to trust people do the right thing.

How could we improve things?

Health professions have long emphasised the need to protect these records. For instance, medical ethics bodies condemn medical students who share intimate or otherwise inappropriate images of patients.

Different countries have various approaches to protecting who has access to medical records and under what circumstances.

In Australia, for instance, we have a mix of complex and inconsistent laws that vary across jurisdictions, some covering privacy in general, others specific to health data. There isn’t one comprehensive law and set of standards vigorously administered by one well-resourced watchdog.

In Australia, it’s mandatory to report data breaches, including breaches of health data. This reporting system is currently being updated. But this won’t necessarily prevent data breaches.

Instead, we need to incentivise Australian organisations to improve how they handle sensitive health data.

The best policy nudges involve increasing penalties for breaches. This is so organisations act as responsible custodians rather than negligent owners of health data.

We also need to step-up enforcement of data breaches and make it easier for victims to sue for breaches of privacy – princesses and tradies alike.The Conversation

Bruce Baer Arnold, Associate Professor, School of Law, University of Canberra

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Maria in Vancouver

Maria in Vancouver2 weeks ago

Fantabulous Christmas Party Ideas

It’s that special and merry time of the year when you get to have a wonderful excuse to celebrate amongst...

Lifestyle3 weeks ago

How To Do Christmas & Hanukkah This Year

Christmas 2024 is literally just around the corner! Here in Vancouver, we just finished celebrating Taylor Swift’s last leg of...

Lifestyle2 months ago

Nobody Wants This…IRL (In Real Life)

Just like everyone else who’s binged on Netflix series, “Nobody Wants This” — a romcom about a newly single rabbi...

Lifestyle2 months ago

Family Estrangement: Why It’s Okay

Family estrangement is the absence of a previously long-standing relationship between family members via emotional or physical distancing to the...

Lifestyle3 months ago

Becoming Your Best Version

By Matter Laurel-Zalko As a woman, I’m constantly evolving. I’m constantly changing towards my better version each year. Actually, I’m...

Lifestyle3 months ago

The True Power of Manifestation

I truly believe in the power of our imagination and that what we believe in our lives is an actual...

Maria in Vancouver5 months ago

DECORATE YOUR HOME 101

By Matte Laurel-Zalko Our home interiors are an insight into our brains and our hearts. It is our own collaboration...

Maria in Vancouver5 months ago

Guide to Planning a Wedding in 2 Months

By Matte Laurel-Zalko Are you recently engaged and find yourself in a bit of a pickle because you and your...

Maria in Vancouver5 months ago

Staying Cool and Stylish this Summer

By Matte Laurel-Zalko I couldn’t agree more when the great late Ella Fitzgerald sang “Summertime and the livin’ is easy.”...

Maria in Vancouver6 months ago

Ageing Gratefully and Joyfully

My 56th trip around the sun is just around the corner! Whew. Wow. Admittedly, I used to be afraid of...