DISCIPLINE COMMITTEE OF THE COLLEGE OF NURSES OF ONTARIO
PANEL:
Margaret Tuomi, Public Member, Chairperson
David Edwards, RPN, Member
Cheryl Evans, RN, Member
Susan Roger, RN, Member
BETWEEN:
COLLEGE OF NURSES OF ONTARIO
MEGAN SHORTREED for College of Nurses of Ontario
- and -
ELMER MANUEL
Registration No. 0200394
MICHAEL MANDARINO for Elmer Manuel
LUISA RITACCA Independent Legal Counsel
Heard: November 3, 2016
DECISION AND REASONS
This matter came on for hearing before a panel of the Discipline Committee (the “Panel”) on November 3, 2016 at the College of Nurses of Ontario (“the College”) at Toronto.
Publication Ban
Preliminary motions in this matter were heard by a separate panel of the Discipline Committee on August 12, 2016. The preliminary orders made include a ban of the public disclosure outside of the hearing room of the identities of the patients referred to in the Discipline Hearing of the Member or any information that could disclose the patients’ identities, including a ban on the publication or broadcasting of those matters.
The Allegations
The allegations against Elmer Manuel (the “Member”) as stated in the Notice of Hearing dated August 9, 2016 are as follows.
IT IS ALLEGED THAT:
1. You have committed an act of professional misconduct as provided by subsection 51(1)(c) of the Health Professions Procedural Code of the Nursing Act, 1991, S.O. 1991, c. 32, as amended, and defined in subsection 1(1) of Ontario Regulation 799/93, in that, while employed as a Registered Nurse at [the Hospital] in [ ], Ontario (the “Hospital”), you contravened a standard of practice of the profession or failed to meet the standard of practice of the profession with respect to accessing a Hospital client’s personal health information in electronic medical records, without consent or other authorization, on or about September 15, 2014, at 7:59 a.m.
2. You have committed an act of professional misconduct as provided by subsection 51(1)(c) of the Health Professions Procedural Code of the Nursing Act, 1991, S.O. 1991, c. 32, as amended, and defined in subsection 1(37) of Ontario Regulation 799/93, in that, while employed as a Registered Nurse at the Hospital, you engaged in conduct or performed an act, relevant to the practice of nursing, that, having regard to all the circumstances, would reasonably be regarded by members of the profession as disgraceful, dishonourable or unprofessional with respect to accessing a Hospital client’s personal health information in electronic medical records, without consent or other authorization, on or about September 15, 2014, at 7:59 a.m.
Member’s Plea
The Member admitted the allegations set out in paragraphs 1 and 2 in the Notice of Hearing. The Panel received a written plea inquiry which was signed by the Member. The Panel also conducted an oral plea inquiry and was satisfied that the Member’s admission was voluntary, informed and unequivocal.
Agreed Statement of Facts
Counsel for the College and the Member advised the Panel that agreement had been reached on the facts and introduced an Agreed Statement of Facts. The ASF is reproduced here in its entirety, without any edits or redactions that may be required to comply with the publication ban.
THE MEMBER
Elmer Manuel (the “Member”) obtained a diploma in nursing in the Philippines in 1991.
The Member registered with the College of Nurses of Ontario (the “College”) as a Registered Nurse (“RN”) on December 27, 2001.
The Member was employed at [the Hospital] as a Registered Nurse from January 14, 2002 to September 16, 2014, when his employment was terminated as a result of the incident below.
The Member has no prior disciplinary history with the College.
The Member has no disciplinary history with the Hospital. He received excellent performance appraisals each year for his clinical knowledge and leadership.
THE CLIENT
[The Client] was [ ] years old at the time of the incident.
The Client was on [the Unit] at the Hospital.
At the time of the incident, [the Client] was [ ] and the fact of [ ] admission to the Hospital and [ ] general diagnosis were widely publicized. Given the Client’s profile, the Hospital took extra measures to protect [ ] privacy.
The Hospital used PowerChart as its electronic health record system. When PowerChart is launched, a Privacy Notice appears, which states:
Privacy of our patients and protection of their personal health information is a top priority for [the Hospital]. Access to any aspect of a patient’s record is restricted only to those individuals involved in the circle of care for that patient or other authorized users. [The Hospital] regularly audits access to all health records, and any unauthorized access may lead to disciplinary action up to and including termination of employment…
The Client was designated a [ ] client by the Hospital, which meant that a yellow star appeared beside [the Client’s] name when [the Client’s] name or Medical Record Number was entered in PowerChart. When [the Client’s] health record was accessed, by clicking on [the Client’s] name, a Privacy Notice popped up that said:
Please respect the privacy of this patient’s health record. The hospital will be auditing access to this record, and any unauthorized access will be addressed in accordance with [the Hospital’s] privacy policies.
By clicking “ok” I confirm that I am part of the circle of care of this patient, and am accessing this record for the purpose of providing care only.
On September 11, 2014, the Hospital President and CEO sent an email hospital-wide with the subject line: [ ]. The email stated:
As you may be aware, a [ ] patient was admitted here at [the Hospital] earlier today. At this time I ask for your full cooperation and diligence in following our clinical and privacy protocols while this patient remains in our care, as we do for all our patients.
HOSPITAL POLICIES
The Hospital had a policy titled “Confidentiality of Personal Health Information Policy and Procedure.” The purpose of the Policy was to outline the Hospital’s “commitment to the protection of patient health information from theft, loss and unauthorized access, copying, modification, use and disclosure.”
The Policy also contained a section called Breaches of Patient Privacy, which stated that a breach “includes any intentional or inadvertent unauthorized access, use or disclosure of confidential information and any inappropriate disposal of confidential information.”
The Hospital also had a policy called “Information Systems Security Policy.” The policy contained a section called “Passwords,” which stated that “[p]asswords are intended to protect the database from being accessed by untrained personnel or unauthorized users to maintain the privacy and confidentiality of health care information.”
The policy also contained a section on “Logging Out,” which stated:
Users should not leave a workstation unattended while a session is in progress, with the exception of computers in a restricted area where workers are performing a similar function.
When leaving a publically accessible terminal, users must sign off from an application…
Neglecting to log out or otherwise protect the confidentiality of electronically stored information constitutes a breach in security and is subject to disciplinary action…
The Member signed a Confidentiality Agreement with the Hospital on January 14, 2002, in which he agreed to “observe and comply with the policies and procedures” of the Hospital with respect to confidentiality.
COLLEGE STANDARDS
The College issued a Practice Standard titled Confidentiality and Privacy – Personal Health Information (“Practice Standard”). It was first published in 2004 and updated in 2009. It largely addresses the Personal Health Information Protection Act (“PHIPA”).
The Practice Standard begins with a general statement about the purpose of practice standards:
Nursing standards are expectations that contribute to public protection. They inform nurses of their accountabilities and the public of what to expect of nurses. Standards apply to all nurses regardless of their role, job description or area of practice.
The Practice Standard provides key indicators nurses can use to ensure they are meeting the standard, including:
The nurse meets the standard by:
seeking information about issues of privacy and confidentiality of personal health information;
maintaining confidentiality of clients’ personal health information with members of the healthcare team, who are also required to maintain confidentiality, including information that is documented or stored electronically;
maintaining confidentiality after the professional relationship has ended, an obligation that continues indefinitely when the nurse is no longer caring for a client or after a client’s death;
ensuring clients or substitute decision-makers are aware of the general composition of the health care team that has access to confidential information;
collecting only information that is needed to provide care;
not discussing client information with colleagues or the client in public places such as elevators, cafeterias and hallways;
accessing information for her/his clients only and not accessing information for which there is no professional purpose;
safeguarding the security of computerized, printed or electronically displayed or stored information against theft, loss, unauthorized access or use, disclosure, copying, modification or disposal; [emphasis added]
not sharing computer passwords; …
The Member acknowledges that he was bound by the College’s Practice Standard and that a nurse who breaches those standards and the statutory obligations set out in PHIPA is subject to discipline by the College.
INCIDENT RELEVANT TO ALLEGATIONS OF PROFESSIONAL MISCONDUCT
The Member worked the day shift on September 15, 2014.
In September 2014, the Hospital conducted an internal audit of its electronic documentation system. The audit revealed that on September 15, 2014 at 07:59, the Member’s login was used to access the Client’s personal health record, a client for whom he had not been providing care.
The Member was working on [Unit 1], when the access was made. The Client was in [Unit 2]. The two units are separate – staff in [Unit 1] are not within the circle of care for patients in [Unit 2].
The audit revealed that the Member’s unique login credentials were used to access the client’s “Inpatient Summary,” which contains personal health information within the meaning of PHIPA. The Inpatient Summary contains the following personal health information within the meaning of PHIPA: patient's name, age, date of birth, reason for visit, vital signs, emergency contact (next of kin), attending physician, diagnosis, links to medications, list of and links to pathology tests, list of and links to microbiology tests, list of and links to diagnostic tests, and links to more detailed health information.
There is no indication that any other personal health information or documentation was accessed, because the system does not track what is viewed beyond the Inpatient Summary.
If the Member were to testify, he would say that, although he did not access the Client’s health record himself, he failed to secure his workstation from unauthorized access or use when he did not log off before attending to his assigned client at or around 08:00 on September 15, 2014. The Member therefore takes full responsibility for the access to the Client’s personal health information made with his login credentials.
The Member states that he has reviewed the College's Standards and understands the importance of maintaining confidentiality of client records and his responsibility to safeguard workstations in order to secure personal health information. The Member has expressed remorse and cooperated with the College.
ADMISSIONS OF PROFESSIONAL MISCONDUCT
The Member admits that he failed to safeguard the security of computerized personal health information against unauthorized access, and in particular, that he failed to safeguard his computer password and left a workstation without logging out. This conduct resulted in an unauthorized access to the Client’s personal health information, as set out in paragraphs 21 to 27 above. It constitutes a breach of the College’s standard on Confidentiality and Privacy – Personal Health Information and dishonourable and unprofessional conduct with respect to the access of the Client’s personal health information without consent or authorization.
The Member admits that he committed the acts of professional misconduct as alleged in the following paragraphs of the Notice of Hearing:
1, in that he contravened a standard of practice of the profession or failed to meet the standards of practice of the profession; and
2, in that he engaged in conduct or performed an act, relevant to the practice of nursing, that having regard to all the circumstances, would reasonably be regarded by members of the profession as dishonourable and unprofessional.
Decision
The Panel finds that the Member committed acts of professional misconduct as alleged in paragraphs 1 and 2 of the Notice of Hearing. As to allegation #2, the Panel finds that the Member engaged in conduct that would reasonably be considered by members to be dishonourable and unprofessional.
Reasons for Decision
The Panel considered the Agreed Statement of Facts and the Member’s plea and finds that this evidence supports findings of professional misconduct as alleged in the Notice of Hearing.
Allegation #1 in the Notice of Hearing is supported by the following facts:
The Member was working day shift on September 15, 2014.
The Hospital conducted an internal audit that revealed that the Member’s login credentials were used to access the client’s personal health records (Inpatient Summary).
The client was located on another nursing unit and the Member was not within the client’s circle of care.
The CNO Confidentiality and Privacy – Personal Health Information (2009) Practice standard provides key indicators nurses can use to ensure they are meeting the standard, specifically, “safeguarding the security of computerized, printed or electronically displayed or stored information against theft, loss, unauthorized access or use, disclosure, copying, modification or disposal” of client information.
The Hospital had a policy titled “Confidentiality of Personal Health Information Policy and Procedure.” The purpose of the Policy was to outline the Hospital’s “commitment to the protection of patient health information from theft, loss and unauthorized access, copying, modification, use and disclosure.”
Allegation #2 in the Notice of Hearing is supported by the same facts as Allegation #1.
With respect to Allegation #2, the Panel finds that the Member’s conduct in accessing a client’s records without consent or authorization was unprofessional as it demonstrated a lack of judgement for his professional obligations. In addition and despite repeated Hospital Privacy Notices, the Member did not heed these warnings by appropriately logging out of the electronic health record system.
The Panel also finds that the Member’s conduct was dishonourable. It demonstrated an element of disregard for the protection of the client’s personal health information and the Member knew or ought to have known the seriousness of this matter.
Penalty
Counsel for the College and the Member advised the Panel that a Joint Submission on Order had been agreed upon. The Joint Submission requests that this Panel make an order as follows.
Requiring the Member to appear before the Panel to be reprimanded within three months of the date that this Order becomes final.
Directing the Executive Director to suspend the Member’s certificate of registration for one month. This suspension shall take effect from the date that this Order becomes final and shall continue to run without interruption as long as the Member remains in the practising class.
Directing the Executive Director to impose the following terms, conditions and limitations on the Member’s certificate of registration:
a) The Member will attend two meetings with a Nursing Expert (the “Expert”), at his own expense and within six months from the date of this Order. To comply, the Member is required to ensure that:
i. The Expert has expertise in nursing regulation and has been approved by the Director of Professional Conduct (the “Director”) in advance of the meetings;
ii. At least seven days before the first meeting, the Member provides the Expert with a copy of:
the Panel’s Order,
the Notice of Hearing,
the Agreed Statement of Facts,
this Joint Submission on Order, and
if available, a copy of the Panel’s Decision and Reasons;
iii. Before the first meeting, the Member reviews the following College publications and completes the associated Reflective Questionnaires, online learning modules and online participation forms (where applicable):
Professional Standards,
Confidentiality and Privacy – Personal Health Information,
iv. Before the first meeting, the Member reviews Circle of Care: Sharing Personal Health Information for Health-Care Purposes, as released by the Information and Privacy Commissioner of Ontario;
v. At least seven days before the first meeting, the Member provides the Expert with a copy of the completed Reflective Questionnaires and online participation forms;
vi. The subject of the sessions with the Expert will include:
the acts or omissions for which the Member was found to have committed professional misconduct,
the potential consequences of the misconduct to the Member’s clients, colleagues, profession and self,
strategies for preventing the misconduct from recurring,
the publications, questionnaires and modules set out above, and
the development of a learning plan in collaboration with the Expert;
vii. Within 30 days after the Member has completed the last session, the Member will confirm that the Expert forwards his/her report to the Director, in which the Expert will confirm:
the dates the Member attended the sessions,
that the Expert received the required documents from the Member,
that the Expert reviewed the required documents and subjects with the Member, and
the Expert’s assessment of the Member’s insight into his behaviour;
viii. If the Member does not comply with any one or more of the requirements above, the Expert may cancel any session scheduled, even if that results in the Member breaching a term, condition or limitation on his certificate of registration;
b) For a period of 12 months from the date the Member’s suspension ends, the Member will notify his employers of the decision. To comply, the Member is required to:
i. Ensure that the Director is notified of the name, address, and telephone number of all employer(s) within 14 days of commencing or resuming employment in any nursing position;
ii. Provide his employer(s) with a copy of:
the Panel’s Order,
the Notice of Hearing,
the Agreed Statement of Facts,
this Joint Submission on Order, and
a copy of the Panel’s Decision and Reasons, once available;
iii. Ensure that within 14 days of the commencement or resumption of the Member’s employment in any nursing position, the employer(s) forward(s) a report to the Director, in which it will confirm:
that they received a copy of the required documents, and
that they agree to notify the Director immediately upon receipt of any information that the Member has breached the standards of practice of the profession; and
All documents delivered by the Member to the College, the Expert or the employer(s) will be delivered by verifiable method, the proof of which the Member will retain.
Penalty Submissions
Submissions were made by College Counsel and the Member’s Counsel.
The parties agreed that the mitigating factors in this case were:
the Member has made admissions and cooperated with the College;
the Member has expressed remorse;
the Member has been registered since 2002 and has no prior disciplinary history with the College; and
the Member has not used this client’s information nor made any disclosure of the information to another party.
The Member’s Counsel added that the Member has acknowledged and accepted responsibility for his professional obligations and gained insight into his practice. The Member is apologetic to the Hospital, the nursing profession and to the client’s family.
The aggravating factors in this case were:
there were multiple Hospital warnings given to all staff that a [ ] client was an in-patient; and
it was the Member’s own carelessness that allowed the inappropriate access to occur.
The proposed penalty provides for general deterrence through the reprimand, suspension and employer notification as it conveys to the Member and the profession the serious breach of confidence and trust that unauthorized access of client records represents. These activities of general deterrence for the nursing profession highlight the public concern over breaches of confidentiality and the severity of this conduct.
The proposed penalty provides for specific deterrence through the one-month suspension and the oral reprimand and employer notification.
The proposed penalty provides for remediation and rehabilitation through the terms, conditions and limitations, including specifically the meetings with a nursing expert and review of the Professional Standards and Confidentiality and Privacy – Personal Health Information.
Overall, public protection is paramount and the Joint Submission on Order achieves this through the three goals of general deterrence, specific deterrence and remediation/rehabilitation of the Member.
Counsel submitted cases to the Panel to demonstrate that the proposed penalty fell within the range of similar cases from this Discipline Committee.
CNO vs Calvano (May 2015): While this case included multiple accesses and the penalty included a suspension of three months, there were references in this case to multiple, similar cases showing a range of facts (mostly around number of accesses) and the range of penalties imposed for unauthorized access to personal health information.
CNO vs Raeburn-Lewis (August 2016): There were many similarities identified for the Panel with this case. In Raeburn-Lewis the penalty ordered included a one-month suspension.
Penalty Decision
The Panel accepts the Joint Submission as to Order and accordingly orders:
The Member is required to appear before the Panel to be reprimanded within three months of the date that this Order becomes final.
The Executive Director is directed to suspend the Member’s certificate of registration for one month. This suspension shall take effect from the date that this Order becomes final and shall continue to run without interruption as long as the Member remains in the practising class.
The Executive Director is directed to impose the following terms, conditions and limitations on the Member’s certificate of registration:
a) The Member will attend two meetings with a Nursing Expert (the “Expert”), at his own expense and within six months from the date of this Order. To comply, the Member is required to ensure that:
i. The Expert has expertise in nursing regulation and has been approved by the Director of Professional Conduct (the “Director”) in advance of the meetings;
ii. At least seven days before the first meeting, the Member provides the Expert with a copy of:
the Panel’s Order,
the Notice of Hearing,
the Agreed Statement of Facts,
this Joint Submission on Order, and
if available, a copy of the Panel’s Decision and Reasons;
iii. Before the first meeting, the Member reviews the following College publications and completes the associated Reflective Questionnaires, online learning modules and online participation forms (where applicable):
Professional Standards,
Confidentiality and Privacy – Personal Health Information,
iv. Before the first meeting, the Member reviews Circle of Care: Sharing Personal Health Information for Health-Care Purposes, as released by the Information and Privacy Commissioner of Ontario;
v. At least seven days before the first meeting, the Member provides the Expert with a copy of the completed Reflective Questionnaires and online participation forms;
vi. The subject of the sessions with the Expert will include:
the acts or omissions for which the Member was found to have committed professional misconduct,
the potential consequences of the misconduct to the Member’s clients, colleagues, profession and self,
strategies for preventing the misconduct from recurring,
the publications, questionnaires and modules set out above, and
the development of a learning plan in collaboration with the Expert;
vii. Within 30 days after the Member has completed the last session, the Member will confirm that the Expert forwards his/her report to the Director, in which the Expert will confirm:
the dates the Member attended the sessions,
that the Expert received the required documents from the Member,
that the Expert reviewed the required documents and subjects with the Member, and
the Expert’s assessment of the Member’s insight into his behaviour;
viii. If the Member does not comply with any one or more of the requirements above, the Expert may cancel any session scheduled, even if that results in the Member breaching a term, condition or limitation on his certificate of registration;
b) For a period of 12 months from the date the Member’s suspension ends, the Member will notify his employers of the decision. To comply, the Member is required to:
i. Ensure that the Director is notified of the name, address, and telephone number of all employer(s) within 14 days of commencing or resuming employment in any nursing position;
ii. Provide his employer(s) with a copy of:
the Panel’s Order,
the Notice of Hearing,
the Agreed Statement of Facts,
this Joint Submission on Order, and
a copy of the Panel’s Decision and Reasons, once available;
iii. Ensure that within 14 days of the commencement or resumption of the Member’s employment in any nursing position, the employer(s) forward(s) a report to the Director, in which it will confirm:
that they received a copy of the required documents, and
that they agree to notify the Director immediately upon receipt of any information that the Member has breached the standards of practice of the profession; and
All documents delivered by the Member to the College, the Expert or the employer(s) will be delivered by verifiable method, the proof of which the Member will retain.
Reasons for Penalty Decision
The Panel understands that the penalty ordered should protect the public and enhance public confidence in the ability of the College to regulate nurses. This is achieved through a penalty that addresses specific deterrence, general deterrence and, where appropriate, rehabilitation and remediation. The Panel also considered the penalty in light of the principle that joint submissions should not be interfered with lightly.
The Panel concluded that the proposed penalty is reasonable and in the public interest. The Member has co-operated with the College and, by agreeing to the facts and a proposed penalty, has accepted responsibility. The Panel finds that the penalty satisfies the principles of specific and general deterrence, rehabilitation and remediation, and public protection. In particular, the order of a suspension provides a clear message to the profession that unauthorized access to client information is an act that will not be dealt with lightly. It is a nurse’s obligation to safeguard the client’s personal health information and disregard for this obligation breaches the trust that the public places in the nursing profession.
The penalty is in line with what has been ordered in previous cases.
I, Margaret Tuomi, Public Member, sign this decision and reasons for the decision as Chairperson of this Discipline panel and on behalf of the members of the Discipline panel as listed below:
Chairperson Date
Panel Members:
Margaret Tuomi, Public Member
David Edwards, RPN
Cheryl Evans, RN
Susan Roger, RN