NSW hospital patients have had their confidential details compromised on multiple occasions, including medical records being found in a public carpark.
Many of the most serious privacy breaches have been reported in the Central Coast Local Health District, which runs Gosford and Wyong hospitals.
In 2015, a patient’s emergency assessment paperwork was discovered on the ground near Gosford Hospital.
However, the patient concerned was never informed because the Health District said there was not a “serious risk of harm”.
The same year, a confidential list of patients containing sensitive information including the reasons for attending hospital was discovered on a walkway near Gosford Hospital.
Once again, the patients were never informed because the information was not deemed to put them at “serious risk of harm”.
The Opposition’s health spokesman Walt Secord described it as an “absolute breach of trust”.
“Medical records are incredibly sensitive. In many cases, you don’t even share them with your closest family members,” Mr Secord said.
“The last thing you want is for them to be blowing around a carpark.”
The Opposition has called for an external investigation of the hospital’s privacy management.
“Health must also give a commitment that they have contacted all the patients involved,” he said.
In another privacy breach, a patient was given medical test results that belonged to another patient who had the same surname.
In this case, the patient whose privacy was breached was informed of the incident.
Patient’s home address given to ex-partner
Official documents also detail a 2015 case in which a health worker improperly released the address of a patient to the patient’s former partner when their child was brought to the emergency department.
In another case, a staff member was found to have improperly accessed the electronic medical records of their ex-partner and child.
The staff member was given a “formal disciplinary warning”, according to the Central Coast Local Health District.
The state’s acting Privacy Commissioner Elizabeth Coombs said the cases from 2014/15 were “concerning”.
“Health information is very important because it’s not just information about the individual, but it can be information about their children, sibling and parents,” Dr Coombs said.
“And sometimes with certain health conditions, there can be potentially some stigma attached to them.”
Another breach involved a staff member making an “inappropriate comment” to another health worker, about the sexual assault information contained in a patient’s file.
More than 30 breaches
The Central Coast Local Health District recorded more than 30 privacy breaches in 2014/15, and in 2015/16 there were 16.
While the 2014/15 figures were reported by the Health District, the 2015/16 figures were not.
The Health District said that was due to a “change in reporting requirements”.
Central Coast Health District CEO Dr Andrew Montague said the organisation took privacy breaches “extremely seriously”.
“The District has implemented a number of measures to reinforce the importance of patient privacy to staff,” he said.
Extra face-to face privacy training has been made available to all staff, along with updated information on privacy standards, Dr Montague said.