Wednesday, March 19, 2008

Data privacy

Article: http://www.informationweek.com/blog/main/archives/2008/03/hospital_worker.html

In late January/early February, pop star Britney Spears visited UCLA Medical Center for treatment. Seeing as she is a prime target of the media nowadays, it was almost inevitable that something would go wrong with her visit. And sure enough, something did go wrong. Not one, not two, but thirteen employees were recently fired for violating Spears' privacy. Six more were suspended.

The medical center did everything it could to prevent the situation. Because all medical workers are granted access to patient records so that they can do their jobs, avoiding violation of patients' privacy pretty much relies on the Honor Code and on warnings issued by UCLA. UCLA officials warned employees not to access the medical record of a patient unless they were directly caring for that patient. They also warned that violation of patients' privacy would result in disciplinary action and possibly termination. But you know what they say: the more you tell someone not to do something, the more they will want to do it. Luckily, the medical center was monitoring access to Spears' records, trying to catch unauthorized personnel in the act.

This is the problem when you have a database that can be accessed by any personnel in a certain department. All the personnel have access because they need the information to do their jobs. However, they have access to all records when they only need access to a few records at any given time. This problem is not limited to the UCLA Medical Center; many organizations suffer from it as well.

Let's face it, we can't always rely on people to do the right thing. There will always be bad seeds who are going to break the rules. For that reason, there need to be better controls on databases in these types of environments. True, all medical workers, such as nurses, doctors, and interns, need access to patient records. They need this information in order to treat their patients. However, can't there be a control that only allows access to records of patients currently being treated by that worker?

Let's say Nurse Betty is treating 5 patients. She would only be granted access to those 5 records. Now let's say two of her patients are released and she accepts one more. She has now gained access to one more record, but lost access to the records of the two released patients. Basically, when a patient is accepted to the hospital, all relationships to the correct personnel would be established and unless the patient is assigned a new doctor, nurse, etc. at some point, those personnel would be the only ones able to access their records.
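A sketch of the control described above, added here as an example and not taken from UCLA or the linked article: record reads go through a join on an active worker-patient assignment, and every attempt is logged so denied lookups can be reviewed. The table names, worker names, and patient IDs are constructed for illustration.

```python
import sqlite3

SCHEMA = """
CREATE TABLE records(patient TEXT PRIMARY KEY, chart TEXT);
CREATE TABLE assignments(worker TEXT, patient TEXT, active INTEGER,
                         PRIMARY KEY (worker, patient));
CREATE TABLE access_log(worker TEXT, patient TEXT, allowed INTEGER);
"""

class RecordStore:
    """Charts are readable only through an active worker-patient assignment."""

    def __init__(self):
        self.db = sqlite3.connect(":memory:")
        self.db.executescript(SCHEMA)

    def admit(self, patient, chart, care_team):
        # Admission creates the record and the care-team relationships together.
        self.db.execute("INSERT INTO records VALUES (?, ?)", (patient, chart))
        for worker in care_team:
            self.db.execute("INSERT OR REPLACE INTO assignments VALUES (?, ?, 1)",
                            (worker, patient))

    def release(self, patient):
        # Release deactivates every assignment, so access ends without manual cleanup.
        self.db.execute("UPDATE assignments SET active = 0 WHERE patient = ?", (patient,))

    def read_chart(self, worker, patient):
        # The join is the access check: no active assignment, no row returned.
        row = self.db.execute(
            "SELECT r.chart FROM records r JOIN assignments a ON a.patient = r.patient "
            "WHERE a.worker = ? AND a.patient = ? AND a.active = 1",
            (worker, patient)).fetchone()
        # Every attempt is logged, allowed or not, for later review.
        self.db.execute("INSERT INTO access_log VALUES (?, ?, ?)",
                        (worker, patient, int(row is not None)))
        return row[0] if row else None

    def denied_attempts(self):
        return self.db.execute(
            "SELECT worker, patient FROM access_log WHERE allowed = 0 ORDER BY rowid").fetchall()

def build_ward():
    # Constructed sample data following the Nurse Betty scenario above.
    store = RecordStore()
    for n in range(1, 6):
        store.admit(f"patient-{n}", f"chart {n}", ["betty"])
    store.admit("patient-vip", "chart vip", ["dr_adams"])
    store.release("patient-1")
    store.release("patient-2")
    store.admit("patient-6", "chart 6", ["betty"])
    return store
```

The denied entries in `access_log` give the same kind of signal the medical center got from monitoring access to one patient's records, but for every patient.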

I do not know if this is a realistic solution; it may require too many resources to implement a control like this, and money doesn't grow on trees. But idealistically, it sounds like a good solution so that people like Britney Spears, who already has enough problems, do not have to worry about Joe Schmo posting private medical records all over the internet.
