Octomom's hospital records accessed, 15 workers fired

Share this article:
Updated Tuesday, March 31, 2009 at 5:27 p.m. EST

A Los Angeles-area hospital recently fired 15 workers for accessing the medical records of octuplet mother Nadia Suleman without permission, a spokesman confirmed to SCMagazineUS.com Tuesday.

Eight other employees face other unspecified disciplinary action for their role in the incident, which took place at Kaiser Permanente Bellflower Medical Center, said the spokesman, Jim Anderson.

Suleman gained widespread media attention after giving birth to her octuplets on Jan. 26 at the hospital.

Hospital officials told the Los Angeles Times that the breach was discovered during computer monitoring and the hospital was able to determine which employees had medical reason to access Suleman's files. Anderson did not indicate what type of hospital employees accessed the records but said there is no indication that the information was sold or accessed for any reason other than curiosity.

John Linkous, product evangelist at security and compliance management provider eIQnetworks, told SCMagazineUS.com in an email Tuesday the employees who accessed Suleman's files were most likely hospital personnel who had access to patient records but were not allowed to look at them at will.

Anderson said the incident was reported to the California Department of Public Health.

If this was the case, the breach would be an example of a good and bad-news scenario for the hospital in terms of information security, Linkous said. It would mean hospital policy was not followed by these employees, but that the facility did have the appropriate controls in place to ensure the breach of patient health care records could be detected.

Alternately, the hospital may have lacked proper access controls altogether, or failed to configure them properly, thus resulting in the breach, he added.

"Was it a failure of technology-based privacy controls, or was it an abuse of privilege?" Linkous said.

Last year, similar high-profile breaches occurred at UCLA Medical Center, resulting in a number of firings after it was discovered that employees were snooping on the medical records of Britney Spears, Farrah Fawcett and California First Lady Maria Shriver.

In response, California Gov. Arnold Schwarzenegger signed two bills into law last October that imposed harsher penalties on hospital workers who inappropriately access patient data.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Community Health Systems faces lawsuit related to data breach

The suit claims the hospital operator failed to meet security standards to protect the personal information belonging to patients.

Norwegian oil companies targeted in string of attacks

More than 300 companies are being warned to check their systems after at least 50 oil companies confirmed that their systems were attacked.

Possible payment card breach at Dairy Queen stores

Several financial institutions are reporting payment card fraud activity on credit and debit cards used at various Dairy Queen stores around the country, according to Brian Krebs.