Octomom's hospital records accessed, 15 workers fired

Share this article:
Updated Tuesday, March 31, 2009 at 5:27 p.m. EST

A Los Angeles-area hospital recently fired 15 workers for accessing the medical records of octuplet mother Nadia Suleman without permission, a spokesman confirmed to SCMagazineUS.com Tuesday.

Eight other employees face other unspecified disciplinary action for their role in the incident, which took place at Kaiser Permanente Bellflower Medical Center, said the spokesman, Jim Anderson.

Suleman gained widespread media attention after giving birth to her octuplets on Jan. 26 at the hospital.

Hospital officials told the Los Angeles Times that the breach was discovered during computer monitoring and the hospital was able to determine which employees had medical reason to access Suleman's files. Anderson did not indicate what type of hospital employees accessed the records but said there is no indication that the information was sold or accessed for any reason other than curiosity.

John Linkous, product evangelist at security and compliance management provider eIQnetworks, told SCMagazineUS.com in an email Tuesday the employees who accessed Suleman's files were most likely hospital personnel who had access to patient records but were not allowed to look at them at will.

Anderson said the incident was reported to the California Department of Public Health.

If this was the case, the breach would be an example of a good and bad-news scenario for the hospital in terms of information security, Linkous said. It would mean hospital policy was not followed by these employees, but that the facility did have the appropriate controls in place to ensure the breach of patient health care records could be detected.

Alternately, the hospital may have lacked proper access controls altogether, or failed to configure them properly, thus resulting in the breach, he added.

"Was it a failure of technology-based privacy controls, or was it an abuse of privilege?" Linkous said.

Last year, similar high-profile breaches occurred at UCLA Medical Center, resulting in a number of firings after it was discovered that employees were snooping on the medical records of Britney Spears, Farrah Fawcett and California First Lady Maria Shriver.

In response, California Gov. Arnold Schwarzenegger signed two bills into law last October that imposed harsher penalties on hospital workers who inappropriately access patient data.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Adobe exploit used to spread Dyre credential stealer

Adobe exploit used to spread Dyre credential stealer

Users running vulnerable Adobe software could be in danger of having credentials for Bitcoin websites stolen.

Staples is investigating a potential issue involving credit card data

Staples is investigating a potential issue involving credit ...

The company said it is investigating a potential issue involving credit card data and that customers are not responsible for fraudulent activity on cards if an issue is discovered.

Skills set a priority over legacy prejudices, experts say

Skills set a priority over legacy prejudices, experts ...

Cybersecurity expert Winn Schwartau and Robert Clark, a cyber law attorney at the Army Cyber Institute, discussed issues around hiring in the information security industry.