This issue of PrivacyScan considers some of the recent cases where employees have been terminated for committing privacy breaches. The vast majority of cases occur in the public sector and involve personal health information. One nurse stated that it is “common practice amongst physicians, amongst mental health nurses, amongst site clinical managers, to look up their own information, their family information, and whoever else they want to.” This is every privacy manager’s worst nightmare, as it suggests to the public a culture completely lacking in sensitivity towards privacy and confidentiality. All of the referenced cases involve intentional breaches (i.e., no lost USB keys or laptops) and many of the fired employees were simply accessing personal information out of curiosity, and not for any obvious personal gain. These cases – particularly those that result in judicial consideration (i.e., claims for wrongful dismissal) – can provide invaluable insight for employers who are faced with the tough challenge of dealing with employees who commit privacy breaches. They also emphasize the need for employers to institute practices to address the powerful desire of certain employees to snoop on sensitive personal information, including training, access management, and auditing of employee access.
Read more (Requires Log-in or Subscription)