Thursday, October 2, 2014

Automated fax system misdials numbers: Places healthcare information at risk

Once again the Fax Over Cloud newsreel has dug up yet another interesting story about health care, privacy violations and automated faxing.

According to a 29 August article from the Leader-Post, it seems a healthcare organization in Saskatchewan made a ghastly mistake - one that occurred 14 times and affected 13 patients - by sending patient information to the wrong fax numbers.

See Leader-Post Article by Austin M. Davis

This unfortunate series of events occurred at the Regina Qu'Appelle Health Region (RQHR), located in Saskatchewan, Canada. The phone circuits are provided by SaskTel. And the fax system? That was not mentioned by RQHR's Marlene Smadu, vice-president of quality and transformation.

An email request from Fax Over Cloud has gone unanswered. 

Worse, they claim the faxing system was the culprit, stating that it was "misdialing some numbers by repeating one of the digits when dialing."

Even worse: The temporary "fix" was to reboot the entire fax system every few days. 

Davis' Leader-Post article quotes Dr. Smadu: "We're quite confident now since the end of May that the process that we've put into place, which is rebooting the whole system every two days to make sure that it's only the right fax numbers that are in there, has solved the problem..."

It should be noted that Davis' article points out that the fax provider and SaskTel are working on a permanent fix for the problem. Rebooting every few days is obviously not a fix. 

Mistakes like this can happen, but usually the cause is human error - someone entering the wrong number into the fax system or mistyping a digit, that sort of thing. But to claim that the system itself was adding extra digits is unheard of - or is it?

Luckily for RQHR, they had no obligation to report this breach of privacy to the authorities - in this case, the Office of the Saskatchewan Information and Privacy Commissioner. There was no mention of this being a violation of Canada's PIPEDA laws (the Personal Information Protection and Electronic Documents Act). 

How would this be handled in the U.S., or in other countries where healthcare privacy has become such a hot issue?

Check out the full article and you decide.