A rose and stuffed bear were taped to a pole at the intersection of Murphy Road and Cathcart Boulevard in Sarnia, Ont. Tuesday Jan. 8, 2013, where a 10-year-old girl was struck by a vehicle one day earlier.
Credits: TYLER KULA/THE OBSERVER/QMI AGENCY
SARNIA, ON -- Patient information about a 10-year-old girl who died after traffic accident may have been accessed in a recent privacy breach at Bluewater Health.
Sources say that as many as 17 staff were reportedly fired this month after an audit and staff interviews revealed non-clinical employees accessed patient information through a password-protected system - without authorization.
A woman who identified herself as the girl's mother, Diane Keck, took to The Sarnia Observer website Tuesday and said that she was contacted last week by Bluewater Health officials about a breach in her daughter's files.
Jillian Keck, 10, was struck by a vehicle while crossing a Sarnia street Jan. 7. She later died in hospital.
"... they did tell me the person's names who were in her files, but could not divulge disciplinary action taken against them," Diane Keck wrote online. "I am angered by some people's sense of entitlement to this info and the morbid curiosity that is presently outweighing the professionalism at Bluewater Health."
Sources say staff members were also accessing information related to the accused charged in the murder investigation of teacher Noelle Paquette, 27.
Attempts to reach Keck for further comment were unsuccessful.
Bluewater Health officials won't say how many patients were affected by the breach, what information was accessed or how many staff members were fired.
Fewer than 17 staff were involved in the breach, said Karen Waymouth, chief information and privacy officer.
Waymouth personally contacted patients who's information was accessed, but didn't say if Keck's family was among those.
"The only thing I can confirm is we followed our policies and processes and appropriate action was taken," she said.
Employees, doctors, volunteers and students sign a pledge of confidentiality as part of orientation at Bluewater Health. There is a zero-tolerance policy for unauthorized or inappropriate access to patient information.
The non-clinical staff had access to patient information as part of their jobs, Waymouth said. But they were only authorized to access information for patients whose care they were directly involved in at the time.
"If you're involved with a patient, then you access those screens to be able to do your work in the computer," she said. "If you're not part of that patient care, then you shouldn't go into other records that you're not part of the care."