Major privacy breach: students could access hospital medical records

Students working for extra cash at Amsterdam’s OLVG hospital group have for years been given complete access to the medical records system, allowing them to read personal information about friends, family and famous people, the Volkskrant said on Friday.

The leak was made public by a philosophy student who made telephone appointments for the hospital. Fellow students recommended digging up ‘juicy details’ in the files while doing boring jobs, she told the paper.

A mistake in the software meant that all students were able to access confidential files because they were supposed to be able to work anywhere within the hospital.

Experts told the Volkskrant that the loophole again highlights how difficult it is to ensure secrecy when using electronic patient records.

The Dutch privacy watchdog ACP warned about the problem in 2013 and last year it emerged that dozens of people accessed the medical files of a television reality show star who tried to commit suicide.

Concerns about privacy have been one of the major brakes on developing a nationwide digital medical record system in the Netherlands. In 2011 the upper house of parliament pulled the plug on a €300m project to introduce such a system due to privacy concerns.

The government is now planning to introduce a system allowing patients to ‘manage’ their own medical records on their computer or mobile phone and decide who should have access to what information.

Health minister Bruno Bruins has allocated €3m to develop what he calls a ‘personal healthcare environment’ created by an alliance of patients, health insurers, healthcare providers and the national healthcare IT institute.

Thank you for donating to DutchNews.nl.

We could not provide the Dutch News service, and keep it free of charge, without the generous support of our readers. Your donations allow us to report on issues you tell us matter, and provide you with a summary of the most important Dutch news each day.

Make a donation