"I never expected it," he said. "This is one of the best hospitals I have been treated at -- the doctors, the nurses, everybody -- and it's very sad that an employee would do something like this."
Cedars-Sinai has faced previous problems with breaches of patient confidentiality.
For The Record
Los Angeles Times Thursday, December 25, 2008 Home Edition Main News Part A Page 2 National Desk 1 inches; 53 words Type of Material: Correction
Privacy breach at Cedars-Sinai: An article in Tuesday's California section on a former Cedars-Sinai Medical Center billing worker who allegedly used the identities of patients to defraud insurance companies reported that he was arrested by the Los Angeles County Sheriff's Department. James Allen Wilson was arrested by the district attorney's Bureau of Investigation.
Hospital spokesman Richard Elbaum told The Times earlier this year that three or four workers are terminated annually for trying to peak at celebrity patients' records. There are also suspicions that someone at the hospital tipped the celebrity news website TMZ.com to a story on a medication error last year that nearly killed the infant twins of actor Dennis Quaid and his wife, Kimberly, although no one has been charged.
Similar problems have surfaced at one of the hospital's major competitors, UCLA Medical Center, where at least 165 staff members have been disciplined for improperly accessing the files of more than 1,000 patients, including California First Lady Maria Shriver, actress Farrah Fawcett and singer Britney Spears.
The allegations in the Wilson case, however, mark a different challenge because he was permitted access to the files as part of his job, Anderson said.
Cedars-Sinai officials said that although they continually reevaluate security procedures, they plan to use the latest breach as another opportunity to review the way the hospital monitors the conduct of employees who have access to patients' information.
The hospital already uses passwords, security cameras and audits to monitor who has accessed the files, among other methods.
Even more security is in place in the case of high-profile patients, including limits on the employees who can view their records and real-time alerts to signal inappropriate access. If someone gets past those hurdles they will see an on-screen warning: "This patient record is restricted. All accesses are logged and audited. Inappropriate accesses are grounds for disciplinary action and/or dismissal."
--
alexandra.zavis@latimes.com
