The latest report, published by current privacy commissioner Andrew Fox last month, refers to a 2019 incident in which a patient’s medical information was mistakenly faxed to 60 different places.
Accidental recipients, Fox wrote, included “several private companies, a number of Nunavut health centres, several Alberta health facilities – both private and provincially run – as well as other GNWT departments and organizations and several federal agencies.”
A staff member at the NWT’s health authority had been trying to fax the patient’s name, date of birth, healthcare number and some tissue specimen data to a single medical laboratory.
Fox said the health authority had told him the employee was not familiar with a new fax machine at Stanton Territorial Hospital that had a “very sensitive touch screen user interface.”
Three of the recipients got in touch after the error was made. The health authority subsequently faxed all 60 recipients, asking them to destroy the medical records that had been accidentally sent. None responded to that request.
“Only one of those notified the sender of the error. Clearly there is a need to review this part of the policy system-wide,” he wrote.
Fox acknowledged that “the healthcare industry continues to rely on faxing” beyond the NWT, meaning the health authority is not the sole culprit in the reluctance to advance to safer technology.
“Indeed, the Alberta government recently implemented a ‘new’ system for use in that province which continues to rely on fax technology for most of its communications,” Fox wrote.
“This obliges NTHSSA to communicate with Alberta healthcare institutions via fax. Nevertheless, this office will continue to encourage the use of more secure means of communication whenever possible.”
His recommendations included that the health authority use fax machines only when no safer option exists, and that “employees are trained on how to use the fax machines they are required to use.”