The Situation
Registered nurse Marcella Calvano said the reason she violated privacy rules and looked at patient records was simply curiosity. She could see a patient’s date of birth, the reason for their visit to the hospital and any diagnostic images. She snooped into hundreds of private patient files over a period of two years, never telling anyone what she read, or using the information for personal gain. But the fact was she had no professional reason to look at the files.
But when an ER nurse tried to pull up a patient's electronic health record on a computer, she was denied access because Calvano was already looking at it.
Calvano’s secret hobby quickly unravelled when the nurse alerted her supervisor and the hospital conducted an audit.
She was fired from the hospital and was called to appear before the Discipline Committee for a hearing at the College of Nurses of Ontario. Even though she lost her job, the Discipline Committee still imposed a harsh penalty, sending a message to the profession.
During the hearing the prosecutor said “This college has consistently prosecuted offences of this nature and has warned the profession about the dangers and the inappropriateness of accessing electronic health care information without a professional purpose, but the problem continues to be one that is endemic.”
The Consequences
To emphasize the seriousness of the nurse’s misconduct, the Committee applied a severe penalty:
- They ordered her certificate of registration be suspended for three months.
- She was required to appear before the Committee to be reprimanded in person.
- Terms, conditions and limitations were placed on her certificate of registration requiring her to successfully complete remedial activities, to inform her employer of the discipline hearing outcome and make the College of Nurses of Ontario aware of all employers for a specified period of time.
From the Practice Advisor - College of Physiotherapists of Ontario
This Case of the Month is a great example of why in most cases patient consent is required to share the patient’s information. I suspect most PTs have treated a patient with a sensational story—a celebrity, a professional athlete, or a person with an unusual condition. A PT could be tempted to share the ‘juicy’ details with their co-workers but unless you have the patient’s consent you could be breaching their privacy. Just because you work for the same company or in the same location it does not mean that everyone should have equal access to patient information.
The Office of the Information and Privacy Commissioner has a great booklet about Circle of Care—a great reminder to help PTs decide when information can be shared or accessed.
Shelley Martin, Practice Advisor
College of Physiotherapists of Ontario
Read more: What does Professional Misconduct Mean to Me?