A businesswoman has gone public with a story about how a careless faxing mistake has compromised dozens of patients’ mental health records over the course of the last decade.
Lisa Belanger, a spa owner who lives in Bedford, Nova Scotia, contacted CBC News to tell them that her business has received “dozens of faxes” from doctors’ offices intended for a mental health referral office located in the Bedford-Saxville area over the past 10 years.
Most of the faxes contained personally identifiable information including patients’ names, phone numbers, and even notes regarding their mental health histories.
She still remembers the first fax she received some years ago:
“It was a patient who was sadly suicidal and needed to see somebody at the crisis center. It was my first time ever seeing something like that or even being aware that something like that could be sent by those means.”
The fax numbers for the mental health referral office and Belanger’s business are identical except for one digit.
The spa owner estimates she currently receives between eight and 14 misdirected faxes a year.
One of the patients affected by the privacy breach still feels very upset that his information was exposed, as they anonymously told CBC News in a separate article:
“This is pretty serious stuff. This can ruin people’s relationships, careers, a whole myriad of things. If that information had of got out it would have been devastating. It is very frustrating and not acceptable. It’s just not acceptable. That’s the most personal of information.”
Throughout the years, Belanger has reached out to the Capital District Health Authority, Health Minister Leo Glavine’s office, the College of Physicians and Surgeons, and the office of Nova Scotia’s privacy commissioner in the hopes that someone would do something to rectify the issue.
The spa owner explains she’s been told memos were sent out to doctors’ offices all over Nova Scotia reminding staff members to enter in the correct fax number. Still, the problem has persisted.
Some organizations stated they passed along Belanger’s complaints for “corrective action,” whereas others denied ever having a record of the businesswoman’s calls.
The Nova Scotia Health Authority said it is currently looking into methods other than fax to send confidential medical and mental health records to doctors’ offices.
Ultimately, Halifax privacy lawyer David Fraser feels it is up to the provincial privacy commissioner to do something, saying it’s “incumbent upon them to investigate and find out really, in fact, what is going on.”
It’s troubling that no one aside from Belanger has done anything to address this breach… unless of course you consider sending memos to be a meaningful act.
The fact that dozens of doctors’ offices are guilty of sending faxes to Belanger’s spa has me wondering whether the mental health referral office’s number is mislabeled in a directory of some sort. If that is the case, someone in the medical field should have acted upon Belanger’s complaints and changed the number years ago. In a gross act of negligence, no one did anything.
In this information age, we are all responsible for protecting not only our own data but also the information of others.
With that in mind, if you find yourself in a position similar to Belanger’s, shred the sensitive documents, contact an appropriate authority, and don’t stop contacting them until someone hears your complaint.
We can only hope someone would do the same for you.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.