Case Study: Privacy Breach and Information Release at Glendale Clinic

Verified

Added on 2023/05/31

AI Summary

This case study examines a breach of patient confidentiality at Glendale Medical Clinic, where Mr. Tremaine, a physician, accessed his wife's medical records without her consent due to marital difficulties. The analysis identifies the key issue as a violation of medical ethics and privacy laws, specifically the unauthorized use of patient information. It determines that Mr. Tremaine is primarily responsible for the breach, potentially aided by an administrative assistant. The case argues that this incident should be reported to the Information and Privacy Commissioner (IPC) under the Ontario Personal Health Information Protection Act (PHIPA). While Mrs. Tremaine could not have foreseen this breach, the clinic should implement stricter confidentiality measures, such as enhanced computerized databases with restricted access, to prevent similar incidents in the future. The case concludes by emphasizing the importance of maintaining patient confidentiality and adhering to ethical guidelines in healthcare settings. Desklib offers resources like this case study to aid students.

Running head: PRIVACY AND RELEASE OF INFORMATION
Privacy and Release of Information
Student’s Name
Institutional Affiliation

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

PRIVACY AND RELEASE OF INFORMATION 2
Privacy and Release of Information
1. Explain the key issue in this scenario (2mrks)
The key issue in this scenario is breach of confidentiality of a patient. Mr. Tremaine
obtains the medical records of his wife due to their constrained marriage relationship. It is
both unethical and professional to obtain the medical information of a patient without
their knowledge and for such selfish motives (Murphy, 2017). It is a breach of the code of
medical ethics.
2. What type of breach would you say occurred in this scenario? (2mrks)
The breach that occurs in this case is that of use of the information of client without
authority/due procedure. Mr. Tremaine looks for the medical records of his wife for no
work-related reasons. This amounts to breach of the confidentiality if patient information.
This is one of the breaches that can be reported to a commissioner for it is involves an
individual who knowingly accessed the information of a patient knowing that the move is
illegal and unethical.
3. What kind of information was breached and was there harm to the patient? (2
mrks)
The information breached is patient history records. The patient in this case is Mrs.
Tremaine. In addition to obtaining her files from the hospital, Mr. Tremaine also uses his
authority as a physician to request for a requisition of the medical records of the patient.
There is no physical harm suffered by the patient. The move could however cause
psychological and emotional harm due to the breach of confidence.

PRIVACY AND RELEASE OF INFORMATION 3
4. Who is responsible for the breach that occurred? (4 mrks)
Mr. Tremaine, a physician at the clinic is the key person involved in the breach of the
patient information. He is however assisted by an administrative officer who is present at
the time. The main blame would however go to the physician for it is obvious that he was
using his role in the hospital to perpetuate the act. We would expect an administrative
officer to follow the instructions of a physician.
5. Based on the mandatory reporting requirements under PHIPA would you
consider this a breach that should be reported to the IPC. Please explain. (3mrks)
This breach should be reported to the commissioner of a privacy breach. This is provided
for in the Ontario Personal Health Information Act under section 12(3). The section
explains one of the situations that should be reported as a case where there is use or
disclosure without appropriate authorization (Thibodeau and Walker, 2015). This case is
a perfect illustration of a situation where the information of a patient was obtained
without following the appropriate authorization.
6. Is there anyone else other than the IPC that should be notified of this breach? If
so why? (3mrks)
The IPC is mandated by law to handle such cases. The commissioner is therefore the best
suited person to handle the case. It follows that Mrs. Tremaine should report the matter to
the IPC. Although this is the best move, it would also be a wise move to notify the court
of the misconduct and how it comprised of a breach of confidentiality.

PRIVACY AND RELEASE OF INFORMATION 4
7. Was there anything Mrs. Tremaine could have done to prevent this from
happening? (2 mrks)
Mrs. Tremaine could be best described as a victim of circumstances who was not aware
of what the husband was up to. Its is would be true to conclude that she expected her
documents to be safe in the hospital. It can be concluded therefore that there is nothing
that Mrs. Tremaine would have done to prevent the events explained in the case from
happening.
8. What steps should the clinic take to prevent something like this from happening
in the future. (2mrks)
The clinic should ensure strict maintenance of confidentiality of client information. High
form of computerized databases could help solve the problem. The system should be set
in such a way that no one can access information of a patient without approval from the
patient.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

PRIVACY AND RELEASE OF INFORMATION 5
References
Murphy, R. S. (2017). Property rights in personal information: An economic defense of
privacy. In Privacy (pp. 43-79). Routledge.
Thibodeau, M. O., & Walker, J. (2015). Bill C-68: An Act to amend the Canadian Human
Rights Act, the Privacy Act and the Personal Information Protection and
Electronic Documents Act.