DISCIPLINE COMMITTEE OF THE COLLEGE OF NURSES OF ONTARIO
PANEL: Robert MacKay, Chairperson Public Member
Shiraz Irani, RN Member
Ashleigh Molloy Public Member
Desiree-Ann Prillo, RPN Member
George Rudanycz, RN Member
BETWEEN:
COLLEGE OF NURSES OF ONTARIO (MEGAN SHORTREED for the College of Nurses of Ontario)
- and -
ANA MARIA PALUSCI, Reg. No. 11483780 (DANIELLE BISNAR for Ana Maria Palusci)
Heard: February 6, 2017
AMENDED DECISION AND REASONS
This matter came on for hearing before a panel of the Discipline Committee (“the Panel”) on February 6, 2017 at the College of Nurses of Ontario (“the College”) at Toronto.
Publication Ban
At the outset of the hearing, Counsel for the College brought a motion pursuant to s.45(3) of the Health Professions Procedural Code of the Nursing Act, 1991, for an order banning the publication or broadcasting of the identity of the client referred to in the Discipline Hearing or any information that could reasonably disclose the identity of the client. Counsel for Ana Maria Palusci (the “Member”) consented to the order.
Accordingly, the Panel ordered a ban of the public disclosure outside the hearing room, including the publication or broadcasting, of the identity of the client referred to in the Discipline Hearing held on February 6, 2017 or any information that could reasonably disclose the identity of the client.
The Allegations
The allegations against the Member as stated in the Notice of Hearing dated October 30, 2016 are as follows.
IT IS ALLEGED THAT:
You have committed an act of professional misconduct as provided by subsection 51(1)(c) of the Health Professions Procedural Code of the Nursing Act, 1991, S.O. 1991, c. 32, as amended, and defined in subsection 1(1) of Ontario Regulation 799/93, in that, while employed as a Registered Nurse at [the Hospital] in [ ], Ontario (the “Hospital”), you contravened a standard of practice of the profession or failed to meet the standard of practice of the profession with respect to accessing a Hospital client’s personal health information in electronic medical records, without consent or other authorization, on or about October 11, 2014, at 7:27 a.m.
You have committed an act of professional misconduct as provided by subsection 51(1)(c) of the Health Professions Procedural Code of the Nursing Act, 1991, S.O. 1991, c. 32, as amended, and defined in subsection 1(37) of Ontario Regulation 799/93, in that, while employed as a Registered Nurse at the Hospital, you engaged in conduct or performed an act, relevant to the practice of nursing, that, having regard to all the circumstances, would reasonably be regarded by members of the profession as disgraceful, dishonourable or unprofessional with respect to accessing a Hospital client’s personal health information in electronic medical records, without consent or other authorization, on or about October 11, 2014, at 7:27 a.m.
Member’s Plea
The Member admitted the allegations set out in paragraphs 1 and 2 in the Notice of Hearing (Exhibit 1). The Panel conducted an oral plea inquiry and as a result was satisfied that the Member’s admission was voluntary, informed and unequivocal.
Agreed Statement of Facts
Counsel for the College and the Member advised the Panel that agreement had been reached on the facts and introduced an Agreed Statement of Facts (ASF), which the Panel marked Exhibit 3. The ASF reads as follows:
THE MEMBER
Ana Maria Palusci (the “Member”) obtained a degree in nursing from York University in 2011.
The Member registered with the College of Nurses of Ontario (the “College”) as a Registered Nurse (“RN”) on December 13, 2011.
The Member was employed full-time as a Registered Nurse at [the Hospital] from November 28, 2011 to October 17, 2014, when she resigned her employment with the Hospital as a result of the incident below.
THE CLIENT
[The Client] was [ ] years old at the time of the incident.
The Client was on [the Unit] at the Hospital.
At the time of the incident, [the Client] was [ ] and the fact of [ ] admission to the Hospital and [ ] general diagnosis were widely publicized. Given the Client’s profile, the Hospital took extra measures to protect [ ] privacy.
The Hospital used PowerChart as its electronic health record system. When PowerChart is launched, a Privacy Notice appears, which states:
Privacy of our patients and protection of their personal health information is a top priority for [the Hospital]. Access to any aspect of a patient’s record is restricted only to those individuals involved in the circle of care for that patient or other authorized users. [The Hospital] regularly audits access to all health records, and any unauthorized access may lead to disciplinary action up to and including termination of employment…
The Client was designated a [ ] client by the Hospital, which meant that a yellow star appeared beside [the Client’s] name when [the Client’s] name or Medical Record Number was entered in PowerChart. When [the Client’s] health record was accessed, by clicking on [the Client’s] name, a Privacy Notice popped up that said:
Please respect the privacy of this patient’s health record. The hospital will be auditing access to this record, and any unauthorized access will be addressed in accordance with [the Hospital’s] privacy policies.
By clicking “ok” I confirm that I am part of the circle of care of this patient, and am accessing this record for the purpose of providing care only.
On September 11, 2014, the Hospital President and CEO sent an email hospital-wide with the subject line: [ ]. The email stated:
As you may be aware, a [ ] patient was admitted here at [the Hospital] earlier today. At this time I ask for your full cooperation and diligence in following our clinical and privacy protocols while this patient remains in our care, as we do for all our patients.
On September 18, 2014, the Hospital President and CEO sent a follow up email hospital-wide with the subject line: “Update on [ ] Patient.” The email stated:
…I can’t stress enough the responsibility we have as an organization to uphold our code of conduct and privacy policies with this patient [the Client] and every patient within our care.
Access to any aspect of a patient’s record is restricted to individuals involved in the circle of care for that patient, or other authorized users. Access to patient records is regularly audited; unauthorized access will be investigated and will lead to discipline up to and including termination.
HOSPITAL POLICIES
The Hospital had a policy titled “Confidentiality of Personal Health Information Policy and Procedure.” The purpose of the Policy was to outline the Hospital’s “commitment to the protection of patient health information from theft, loss and unauthorized access, copying, modification, use and disclosure.”
The Policy also contained a section called Breaches of Patient Privacy, which stated that a breach “includes any intentional or inadvertent unauthorized access, use or disclosure of confidential information and any inappropriate disposal of confidential information.”
The Hospital also had a policy called “Information Systems Security Policy.” The policy contained a section called “Passwords,” which stated that “[p]asswords are intended to protect the database from being accessed by untrained personnel or unauthorized users to maintain the privacy and confidentiality of health care information.”
The policy also contained a section on “Logging Out,” which stated:
Users should not leave a workstation unattended while a session is in progress, with the exception of computers in a restricted area where workers are performing a similar function.
When leaving a publicly accessible terminal, users must sign off from an application…
Neglecting to log out or otherwise protect the confidentiality of electronically stored information constitutes a breach in security and is subject to disciplinary action…
COLLEGE STANDARDS
The College issued a Practice Standard titled Confidentiality and Privacy – Personal Health Information (“Practice Standard”). It was first published in 2004 and updated in 2009. It largely addresses the Personal Health Information Protection Act (“PHIPA”).
The Practice Standard begins with a general statement about the purpose of practice standards:
Nursing standards are expectations that contribute to public protection. They inform nurses of their accountabilities and the public of what to expect of nurses. Standards apply to all nurses regardless of their role, job description or area of practice.
The Practice Standard provides key indicators nurses can use to ensure they are meeting the standard, including:
The nurse meets the standard by:
seeking information about issues of privacy and confidentiality of personal health information;
maintaining confidentiality of clients’ personal health information with members of the healthcare team, who are also required to maintain confidentiality, including information that is documented or stored electronically;
maintaining confidentiality after the professional relationship has ended, an obligation that continues indefinitely when the nurse is no longer caring for a client or after a client’s death;
ensuring clients or substitute decision-makers are aware of the general composition of the health care team that has access to confidential information;
collecting only information that is needed to provide care;
not discussing client information with colleagues or the client in public places such as elevators, cafeterias and hallways;
accessing information for her/his clients only and not accessing information for which there is no professional purpose;
safeguarding the security of computerized, printed or electronically displayed or stored information against theft, loss, unauthorized access or use, disclosure, copying, modification or disposal; [emphasis added]
not sharing computer passwords; …
The Member acknowledges that she was bound by the College’s Practice Standard and that a nurse who breaches those standards and the statutory obligations set out in PHIPA is subject to discipline by the College.
INCIDENT RELEVANT TO ALLEGATIONS OF PROFESSIONAL MISCONDUCT
The Member worked the night shift on October 10, 2014, from 19:30 to 07:30.
In October 2014, the Hospital conducted an internal audit of its electronic document system. The audit revealed that on October 11, 2014, someone using the Member’s log in credentials accessed the Client’s personal health record, a client for whom she had not been providing care.
The Member was working on [Unit 1] when the Client’s health record was accessed. The Client was in [Unit 2]. The two units are separate – staff in [Unit 1] are not within the circle of care for clients in [Unit 2]. While the Member had worked some shifts on [Unit 2], she had never been assigned to the Client, or in [ ] circle of care.
The audit revealed that the Member’s unique login credentials were used to access the client’s “Inpatient Summary,” which contains personal health information within the meaning of PHIPA. The Inpatient Summary contains the following personal health information within the meaning of PHIPA: patient's name, age, date of birth, reason for visit, vital signs, emergency contact (next of kin), attending physician, diagnosis, links to medications, list of and links to pathology tests, list of and links to microbiology tests, list of and links to diagnostic tests, and links to more detailed health information.
The audit report showed that the Member’s login was used in the same server to access the Client’s record and the record for [Client A], who was assigned to her, in close time proximity, as follows:
07:12:57: Member opened chart for [Client A]
07:25: Member made an entry in [Client A’s] chart about the care she provided earlier on her shift
07:27:18: Member’s login used to open [Client A’s] chart
07:27:29: Member opened chart for [Client A]
If the Member were to testify, she would say that, although she did not access [the Client’s] health record herself, she failed to secure her workstation from unauthorized access or use when she did not log off after charting in [Client A’s] record at 07:25 on October 11, 2014. The Member therefore takes full responsibility for the access to the Client’s personal health information made with her login credentials.
The Member states that she has reviewed the College's Standards and understands the importance of maintaining confidentiality of client records and her responsibility to safeguard workstations in order to secure personal health information. The Member has expressed remorse and cooperated with the College.
ADMISSIONS OF PROFESSIONAL MISCONDUCT
The Member admits that she failed to safeguard the security of computerized personal health information against unauthorized access, and in particular, that she failed to safeguard her computer password and left a workstation without logging out. This conduct resulted in an unauthorized access to the Client’s personal health information, as set out in paragraphs 19 to 25 above. It constitutes a breach of the College’s standard on Confidentiality and Privacy – Personal Health Information and dishonourable and unprofessional conduct with respect to the access of the Client’s personal health information without consent or authorization.
The Member admits that she committed the acts of professional misconduct as alleged in the following paragraphs of the Notice of Hearing:
1, in that she contravened a standard of practice of the profession or failed to meet the standards of practice of the profession; and
2, in that she engaged in conduct or performed an act, relevant to the practice of nursing, that having regard to all the circumstances, would reasonably be regarded by members of the profession as dishonourable and unprofessional.
Decision
The Panel found that the Member committed acts of professional misconduct as alleged in paragraphs 1 and 2 of the Notice of Hearing. As to the allegation in paragraph 2, the Panel found that the Member engaged in conduct that would reasonably be considered by members of the profession to be dishonourable and unprofessional when she failed to safeguard access of the personal health information of a client without consent or other authorization to do so on or about October 11, 2014.
Reasons for Decision
The Panel considered the agreed facts, the admissions in the ASF and the plea of the Member and found that this evidence supported findings of professional misconduct as alleged in the Notice of Hearing.
The admitted facts in paragraphs 19 through 25 relate directly to allegation 1 of the Notice of Hearing in that the Member admits she logged into a workstation to open a chart and did not log off after charting. Her unique login credentials were then used to access the Client’s personal health information. At paragraph 26 of the ASF the Member admits that the facts in paragraphs 19 through 25 constitute a breach of the College’s standard on Confidentiality and Privacy.
With respect to Allegation 2, the Panel found that the conduct of the Member in failing to safeguard her unique login credentials and the personal health information of the Client and in contravening a standard of practice of the profession is unprofessional in that she failed to demonstrate good judgment and responsibility as required by a professional.
The parties also asked the Panel to find under allegation 2 that the conduct of the Member would reasonably be viewed by members as dishonourable. The Panel is well aware that the Discipline Committee at this College usually reserves the term “dishonourable” for conduct that has an element of moral failing, often involving dishonesty and deceit with an element of moral failing. In this particular case the Panel did not see in the facts before us any specific admission that might clearly rise to the level of “dishonourable” as that word is normally used at this College. However, as both parties asked the Panel to make that finding, the Panel found that the conduct would reasonably be regarded by members as dishonourable.
Penalty Submissions
Counsel for the College and the Member advised the Panel that a Joint Submission on Order had been agreed upon. The Joint Submission invited the Panel to make an order as follows:
Requiring the Member to appear before the Panel to be reprimanded within three months of the date that this Order becomes final.
Directing the Executive Director to suspend the Member’s certificate of registration for one month. This suspension shall take effect from the date that this Order becomes final and shall continue to run without interruption as long as the Member remains in the practising class.
Directing the Executive Director to impose the following terms, conditions and limitations on the Member’s certificate of registration:
a) The Member will attend two meetings with a Nursing Expert (the “Expert”), at her own expense and within six months from the date of this Order. To comply, the Member is required to ensure that:
i. The Expert has expertise in nursing regulation and has been approved by the Director of Professional Conduct (the “Director”) in advance of the meetings;
ii. At least seven days before the first meeting, the Member provides the Expert with a copy of:
the Panel’s Order,
the Notice of Hearing,
the Agreed Statement of Facts,
this Joint Submission on Order, and
if available, a copy of the Panel’s Decision and Reasons;
iii. Before the first meeting, the Member reviews the following College publications and completes the associated Reflective Questionnaires, online learning modules and online participation forms (where applicable):
Professional Standards,
Confidentiality and Privacy – Personal Health Information,
iv. Before the first meeting, the Member reviews Circle of Care: Sharing Personal Health Information for Health-Care Purposes, as released by the Information and Privacy Commissioner of Ontario;
v. At least seven days before the first meeting, the Member provides the Expert with a copy of the completed Reflective Questionnaires, and online participation forms;
vi. The subject of the sessions with the Expert will include:
the acts or omissions for which the Member was found to have committed professional misconduct,
the potential consequences of the misconduct to the Member’s clients, colleagues, profession and self,
strategies for preventing the misconduct from recurring,
the publications, questionnaires and modules set out above, and
the development of a learning plan in collaboration with the Expert;
vii. Within 30 days after the Member has completed the last session, the Member will confirm that the Expert forwards his/her report to the Director, in which the Expert will confirm:
the dates the Member attended the sessions,
that the Expert received the required documents from the Member,
that the Expert reviewed the required documents and subjects with the Member, and
the Expert’s assessment of the Member’s insight into her behaviour;
viii. If the Member does not comply with any one or more of the requirements above, the Expert may cancel any session scheduled, even if that results in the Member breaching a term, condition or limitation on her certificate of registration;
b) For a period of 12 months from the date the Member’s suspension ends, the Member will notify her employers of the decision. To comply, the Member is required to:
i. Ensure that the Director is notified of the name, address, and telephone number of all employer(s) within 14 days of commencing or resuming employment in any nursing position;
ii. Provide her employer(s) with a copy of:
the Panel’s Order,
the Notice of Hearing,
the Agreed Statement of Facts,
this Joint Submission on Order, and
a copy of the Panel’s Decision and Reasons, once available;
iii. Ensure that within 14 days of the commencement or resumption of the Member’s employment in any nursing position, the employer(s) forward(s) a report to the Director, in which it will confirm:
that they received a copy of the required documents, and
that they agree to notify the Director immediately upon receipt of any information that the Member has breached the standards of practice of the profession; and
All documents delivered by the Member to the College, the Expert or the employer(s) will be delivered by verifiable method, the proof of which the Member will retain.
College Submissions on Penalty
The College submitted that the main aggravating factor in this case was the seriousness of accessing the Client’s medical record despite multiple hospital onscreen warnings, emails from the President and CEO of the hospital asking for diligence in following clinical and privacy protocols, express warnings that unauthorized access will be investigated, and a yellow star appearing beside the name of the Client.
The College provided two cases in support of the Joint Submission as to Order:
CNO v. Manuel (Discipline Committee, 2016). This case is on point in that it also involved a member failing to safeguard their unique login credential for access to client health information. The penalty is the same as proposed by the parties in this matter.
CNO v. Raeburn-Lewis (Discipline Committee, 2016). This case is also similar in that it involves a single access of health information of a client through failure to safeguard the unique login credentials of the Member. The key elements of the penalty are the same: a reprimand, one-month suspension, and two meetings with a Nursing Expert.
Ms. Shortreed submitted that the proposed penalty order in this matter is therefore in the normal range and the Panel should make that order.
Member Submissions on Penalty
The Member agreed with the penalty submissions of the College above. Ms. Bisnar added that the proposed order was reasonable and in the public interest. The Member submitted that the breach was less serious in that it was a single access. Counsel for the Member stated that the Member had willingly negotiated the Agreed Statement of Facts and Joint Submission on Order, saving considerable time and costs, and had no prior misconduct.
Penalty Decision
The Panel accepted the Joint Submission as to Order and accordingly orders:
Requiring the Member to appear before the Panel to be reprimanded within three months of the date that this Order becomes final.
Directing the Executive Director to suspend the Member’s certificate of registration for one month. This suspension shall take effect from the date that this Order becomes final and shall continue to run without interruption as long as the Member remains in the practising class.
Directing the Executive Director to impose the following terms, conditions and limitations on the Member’s certificate of registration:
a) The Member will attend two meetings with a Nursing Expert (the “Expert”), at her own expense and within six months from the date of this Order. To comply, the Member is required to ensure that:
i. The Expert has expertise in nursing regulation and has been approved by the Director of Professional Conduct (the “Director”) in advance of the meetings;
ii. At least seven days before the first meeting, the Member provides the Expert with a copy of:
the Panel’s Order,
the Notice of Hearing,
the Agreed Statement of Facts,
this Joint Submission on Order, and
if available, a copy of the Panel’s Decision and Reasons;
iii. Before the first meeting, the Member reviews the following College publications and completes the associated Reflective Questionnaires, online learning modules and online participation forms (where applicable):
Professional Standards,
Confidentiality and Privacy – Personal Health Information,
iv. Before the first meeting, the Member reviews Circle of Care: Sharing Personal Health Information for Health-Care Purposes, as released by the Information and Privacy Commissioner of Ontario;
v. At least seven days before the first meeting, the Member provides the Expert with a copy of the completed Reflective Questionnaires, and online participation forms;
vi. The subject of the sessions with the Expert will include:
the acts or omissions for which the Member was found to have committed professional misconduct,
the potential consequences of the misconduct to the Member’s clients, colleagues, profession and self,
strategies for preventing the misconduct from recurring,
the publications, questionnaires and modules set out above, and
the development of a learning plan in collaboration with the Expert;
vii. Within 30 days after the Member has completed the last session, the Member will confirm that the Expert forwards his/her report to the Director, in which the Expert will confirm:
the dates the Member attended the sessions,
that the Expert received the required documents from the Member,
that the Expert reviewed the required documents and subjects with the Member, and
the Expert’s assessment of the Member’s insight into her behaviour;
viii. If the Member does not comply with any one or more of the requirements above, the Expert may cancel any session scheduled, even if that results in the Member breaching a term, condition or limitation on her certificate of registration;
b) For a period of 12 months from the date the Member’s suspension ends, the Member will notify her employers of the decision. To comply, the Member is required to:
i. Ensure that the Director is notified of the name, address, and telephone number of all employer(s) within 14 days of commencing or resuming employment in any nursing position;
ii. Provide her employer(s) with a copy of:
the Panel’s Order,
the Notice of Hearing,
the Agreed Statement of Facts,
this Joint Submission on Order, and
a copy of the Panel’s Decision and Reasons, once available;
iii. Ensure that within 14 days of the commencement or resumption of the Member’s employment in any nursing position, the employer(s) forward(s) a report to the Director, in which it will confirm:
that they received a copy of the required documents, and
that they agree to notify the Director immediately upon receipt of any information that the Member has breached the standards of practice of the profession; and
All documents delivered by the Member to the College, the Expert or the employer(s) will be delivered by verifiable method, the proof of which the Member will retain.
Reasons for Penalty Decision
The Panel understands that the penalty ordered should protect the public interest and enhance public confidence in the ability of the College to regulate nurses. This is achieved through a penalty that addresses specific deterrence, general deterrence and, where appropriate, rehabilitation and remediation. The Panel also considered the penalty in light of the principle that joint submissions should not be interfered with lightly.
The Panel considered the cases submitted by College Counsel regarding the proposed penalty and found that both were useful to the Panel in its review. They assisted the Panel in concluding that the proposed penalty is reasonable and in the public interest.
The Member co-operated with the College and, by agreeing to the facts and proposed penalty, has accepted responsibility. The Panel found that the penalty satisfies the principle of general deterrence through the reprimand and the suspension. The Panel found that specific deterrence is satisfied by the reprimand, the suspension, and meeting with a Nursing Expert.
The penalty provided remediation of the Member through the reprimand and the meetings with a Nursing Expert. Public protection is addressed by employer notification for 12 months.
I, Robert MacKay, sign this decision and reasons for the decision as Chairperson of this Discipline Panel and on behalf of the members of the Discipline Panel.
Robert MacKay, Chairperson Date
Panel Members:
Robert MacKay
Shiraz Irani, RN
Ashleigh Molloy
Desiree-Ann Prillo, RPN
George Rudanycz, RN