Jennifer Brutzki, JB02408, October 18, 2016.Neut.Ftv

DISCIPLINE COMMITTEE OF THE COLLEGE OF NURSES OF ONTARIO

PANEL: Michael Hogard, RPN Chairperson Renate Davidson Public Member Samantha Diceman, RPN Member Karen Laforet, RN Member Devinder Walia Public Member

BETWEEN:

COLLEGE OF NURSES OF ONTARIO ) ALYSHA SHORE for ) College of Nurses of Ontario - and - ) ) JENNIFER BRUTZKI ) MICHAEL MANDARINO for Registration No. JB02408 ) Jennifer Brutzki ) ) ) ) ) Heard: OCTOBER 18, 2016

DECISION AND REASONS

This matter came on for hearing before a panel of the Discipline Committee (the “Panel”) on October 18, 2016 at the College of Nurses of Ontario (“the College”) at Toronto.

The Allegations

The allegations against Jennifer Brutzki (the “Member”) as stated in the Notice of Hearing dated 18 July, 2016 are as follows.

IT IS ALLEGED THAT:

1. You have committed an act of professional misconduct as provided by subsection 51(1)(c) of the Health Professions Procedural Code of the Nursing Act, 1991, S.O. 1991, c. 32, as amended, and defined in subsection 1(1) of Ontario Regulation 799/93, in that while you were employed as a Registered Practical Nurse at Grand River Hospital in Kitchener, Ontario, you contravened a standard of practice of the profession or failed to meet the standard of practice of the profession with respect to accessing personal health information without consent or other authorization, for one or more of the following clients on or about the dates indicated below:

Client Name Date of Access

[Client A] March 18, 2014

[Client B] March 18, 2014

[Client C] June 13, 2014

[Client D] June 13, 2014

[Client E] June 15, 2014

[Client F] July 28, 2014

[Client G] July 28, 2014

[Client H] July 28, 2014

[Client I] July 31, 2014

[Client J] October 19, 2014 (20:03 hours) October 19, 2014 (20:39 hours) October 19, 2014 (22:58 hours) October 20, 2014

[Client K] October 20, 2014

[Client L] November 15, 2014

[Client M] November 15, 2014

[Client N] November 15, 2014 November 16, 2014

[Client O] November 16, 2014

[Client P] December 9, 2014

[Client Q] December 30, 2014

[Client R] January 6, 2015

[Client S] January 6, 2015

[Client T] January 6, 2015

[Client U] January 6, 2015

Client Name Date of Access

[Client V] January 7, 2015

[Client W] January 7, 2015

[Client X] January 8, 2015

[Client Y] January 16, 2015

and/or;

2. You have committed an act of professional misconduct as provided by subsection 51(1)(c) of the Health Professions Procedural Code of the Nursing Act, 1991, S.O. 1991, c. 32, as amended, and defined in subsection 1(37) of Ontario Regulation 799/93, in that, while you were employed as a Registered Practical Nurse at Grand River Hospital in Kitchener , Ontario, you engaged in conduct or performed an act, relevant to the practice of nursing, that, having regard to all the circumstances, would reasonably be regarded by members of the profession as disgraceful, dishonourable or unprofessional with respect to accessing personal health information without consent or other authorization, for one or more of the following clients on or about the dates indicated below:

Client Name Date of Access

[Client A] March 18, 2014

[Client B] March 18, 2014

[Client C] June 13, 2014

[Client D] June 13, 2014

[Client E] June 15, 2014

[Client F] July 28, 2014

[Client G] July 28, 2014

[Client H] July 28, 2014

[Client I] July 31, 2014

[Client J] October 19, 2014 (20:03 hours) October 19, 2014 (20:39 hours) October 19, 2014 (22:58 hours)

Client Name Date of Access

October 20, 2014

[Client K] October 20, 2014

[Client L] November 15, 2014

[Client M] November 15, 2014

[Client N] November 15, 2014 November 16, 2014

[Client O] November 16, 2014

[Client P] December 9, 2014

[Client Q] December 30, 2014

[Client R] January 6, 2015

[Client S] January 6, 2015

[Client T] January 6, 2015

[Client U] January 6, 2015

[Client V] January 7, 2015

[Client W] January 7, 2015

[Client X] January 8, 2015

[Client Y] January 16, 2015

Member’s Plea

The Member admitted the allegations set out in paragraphs 1 and 2 in the Notice of Hearing. The Panel received a written plea inquiry which was signed by the Member. The Panel also conducted an oral plea inquiry and was satisfied that the Member’s admission was voluntary, informed and unequivocal.

Agreed Statement of Facts

Counsel for the College and the Member advised the Panel that agreement had been reached on the facts and introduced an Agreed Statement of Facts, which reads as follows.

THE MEMBER

1. Jennifer Brutzki (the “Member”) obtained a diploma in nursing from Conestoga College in 2001.

2. The Member registered with the College of Nurses of Ontario (the “College”) as a Registered Practical Nurse (“RPN”) in February 2002.

3. The Member was employed at Grand River Hospital (the “Facility”) on the Kitchener- Waterloo campus as a full-time staff nurse on the [Unit] from November 2002 to March 2015, when she was terminated as a result of the incidents described below. The Member grieved her termination from the Hospital, and that matter was resolved by way of a mutually agreeable settlement.

THE FACILITY

4. The Facility is located in Kitchener, Ontario.

5. The Member initially worked on the complex continuing care unit when she was first hired at the Facility. She then moved into the [Unit] and worked on that unit for the last seven to eight years of her employment at the Facility.

6. The [Unit] had 65 beds that were divided into a north and south end. It was “U”-shaped with clients’ rooms around the “U”.

7. At the time of the incidents, eight nurses were assigned to each end of the unit. It was not uncommon for the nurses on the unit to work as a team and help each other out.

8. If the unit’s census was low, staff would occasionally be reassigned to float on other units.

The Facility’s Electronic Records System

9. The Facility used an electronic health records system. Each staff member had an individualized access ID and password that allowed them to log into the system.

10. When a staff member logged into the system on the [Unit], the census for the unit appears, allowing staff to access the clients in their circle of care with ease. In order to access other client records, staff would need to search for clients by name or medical record number, or they could also select a different census to view.

11. Staff were expected to log out of the system when they were finished using the electronic records system. However, the system would automatically log an individual out after 15 minutes of inactivity.

12. Staff could self-report an accidental access, which was kept on a database that could be referred to when the Facility conducted an audit.

Facility Policies on Accessing Client Records

13. The Facility had several policies in force at the time regarding the protection of personal health information that made it clear that staff were not to access personal health information of clients unless required to provide client care or carry out their duties.

Privacy, Confidentiality and Security Policy

14. The Facility’s “Privacy, Confidentiality and Security” Policy was issued in March 2004 and last reviewed in May 2004. The policy indicated that “[Personal Health Information] will not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law.”

15. The policy further stated that “[a]ccess to [Personal Health Information] will be limited to only those employees/agents with a need to know such information for their job purposes (the “need to know” rule). Authorization is required before accessing, collecting, using, or disclosing [Personal Health Information]. If an employee is unsure of whether they have authorization to access, use or disclose [Personal Health Information], they will seek clarification from the Manager/Supervisor or Chief Privacy Officer.”

16. The policy warned against improper access or use of personal health information, stating that “[a]ny individual who collects, uses or discloses [Personal Health Information] under the custody and control of [Grand River Hospital] can be the subject of a question, complaint or breach of this policy.” The policy goes on to indicate that breaches are taken very seriously and dealt with swiftly.

Audits of Health Information Systems Policy

17. The Facility’s “Audits of Health Information Systems” Policy was last reviewed in July 2006. It indicated that a breach of confidentiality occurs “when an individual accesses [Personal Health Information] when they are not required to do so in order to perform their job functions. Access to [Personal Health Information] is based on the ‘need to know’ rule to provide patient care or to perform one’s duties. Inappropriate access includes accessing patient information for personal interests including accessing a family member’s chart or your own records.”

Breach of Confidentiality: Staff, Physicians & Affiliates of Grand River Hospital

18. The Facility has a third policy entitled “Breach of Confidentiality: Staff, Physicians & Affiliates of [Grand River Hospital]” that was first issued in December 2006 and last reviewed in November 2012. It reiterated that access to personal health information “is limited to those individuals that need to know such information for performing their duties. Inappropriate collection, access, use or disclosure of information will be considered a breach of confidentiality and may result in disciplinary action.”

Electronic Privacy and Confidentiality Course

19. The Member was also required to complete an electronic Privacy and Confidentiality course for the Facility, and pass the test at the end of the course. The minimum passing grade was 80%. The Member did complete this course on October 14, 2013.

INCIDENTS RELEVANT TO ALLEGATIONS OF PROFESSIONAL MISCONDUCT

Inappropriate Access of [Client S]’s Health Records

20. [Client S] was a distant relative of the Member and also a client of the Facility. On January 21, 2015, the client had complained to the Facility that the Member had contacted him two weeks after his stay at the Facility regarding a personal financial matter. The client alleged that the Member had obtained his phone number from his health record.

21. The Facility realized that the phone number on [Client S]’s file was not up-to-date, and as a result, the Member could not have used his file to get in touch with him. If the Member were to testify, she would say that she had obtained [Client S]’s phone number from her mother.

22. [Client S] was on the Member’s unit on January 6, 2015. The Member was not assigned to provide him care and never provided him with any care. However, the Member accessed [Client S]’s electronic health record twice that day and admits that she did so for the purpose of looking at or confirming his address, and not for any professional purpose. During her access of [Client S]’s record, she looked at a number of screens, including the charting screen, admission history and medication history.

23. If the Member were to testify, she would state that she accessed [Client S]’s record out of concern for her own safety. She was receiving a number of calls from creditors who were trying to get in touch with [Client S] and that [Client S] had been using her identity to evade collection agencies. She would further testify that [Client S] had previously threatened her and she had involved the police to ensure her safety. The Member, nevertheless, acknowledges that this was not a legitimate reason to access [Client S]’s records and that she did so without consent, authorization, or other professional purpose.

Audit of the Member’s Access to Health Records

24. Because of the complaint from [Client S], the Facility conducted an audit of the Member’s accesses to electronic health records. The audit initially went back three months from the date that [Client S] complained that the Member had accessed his record.

25. Due to the concerns noted in the three month audit, another audit was performed on the Member’s accesses to electronic health records that spanned a full year, from January 29, 2014 to January 29, 2015.

26. The audit indicated that the Member accessed records for 2,300 clients during that year.

27. The Facility reviewed the audit carefully to remove any clients that were on the Member’s unit, any clients that were being transferred to the Member’s unit, any clients in which the Member charted on their record, any clients in which accesses would have been reasonable when the Member was reassigned to work as a float nurse for a shift, and any records that were clearly accessed by accident.

28. Of the 2,300 clients accessed during the audit period, the Facility noted that the Member accessed 24 client records inappropriately, without consent or other authorization.

29. 23 of the 24 clients identified by the audit were in the emergency department, intensive care unit, the medicine unit and/or the mental health unit. None of these clients were intended to be transferred or were transferred to the Member’s [Unit] when the Member viewed their records.

30. One client was in the emergency department when the Member accessed her record. This client did have surgery, but would not have required admission to the Member’s [Unit], so the Member would not have needed to access her health record at all. Furthermore, the Member accessed the transcribed notes for this client, which would have been historical reports from a previous admission.

31. Information accessed by the Member for the 24 s included a screen that indicated what was documented for the (e.g. assessments, vital signs), charts, admission history, medication history, transcribed reports, orders, lab results, medical imaging results, and/or blood pressure and medication history.

32. A shadow audit was conducted using another nurse who had the same or similar role to the Member. The audit was for the time period between November 1, 2014 and January 21, 2015 and every access in the shadow audit was to a client on the Member’s unit.

33. If the Member were to testify, she would state that she did not know any of the 24 clients and that she accessed some of the records to seek information for pre-admissions, and some of the records out of curiosity and for educational purposes. She did not access any of these records for malicious reasons. The Member now acknowledges that it was inappropriate to access client records for clients who were not in her circle of care, and that she accessed the 24 client records without consent or other authorization. The Member is regretful and apologetic for having accessed these records.

COLLEGE STANDARDS

34. The College issued a Practice Standard, Confidentiality and Privacy – Personal Health Information (“Practice Standard”), which was first published in 2004 and updated in 2009. It discusses the expectations and obligations of a nurse under the Personal Health Information and Protection Act, 2004 (“PHIPA”).

35. The Practice Standard begins with a general statement about the purpose of practice standards:

Nursing standards are expectations that contribute to public protection. They inform nurses of their accountabilities and the public of what to expect of nurses. Standards apply to all nurses regardless of their role, job description or area of practice.

36. The Practice Standard continues:

… PHIPA permits the sharing of personal health information among health care team members to facilitate efficient and effective care. The health care team includes all those providing care to the client…

Personal health information is any identifying information about clients that is in verbal, written or electronic form.

A nurse is responsible for ensuring that she/he uses client information only for the purpose(s) for which it was collected. A nurse should ensure that it remains secure within the healthcare team. …

…Sharing information among members of the healthcare team to provide care is one use of information under PHIPA...

37. The Practice Standard contains the following statement of the standard of practice about personal health information:

Nurses share relevant information with the healthcare team, whose members are obliged to maintain confidentiality. Nurses must explain to clients that information will be shared with the healthcare team and identify the general composition of the healthcare team.

38. The Practice Standard provides key indicators nurses can use to ensure they are meeting the standard, including:

The nurse meets the standard by:

 seeking information about issues of privacy and confidentiality of personal health information;  maintaining confidentiality of clients’ personal health information with members of the healthcare team, who are also required to maintain confidentiality, including information that is documented or stored electronically;  maintaining confidentiality after the professional relationship has ended, an obligation that continues indefinitely when the nurse is no longer caring for a client or after a client’s death;  ensuring clients or substitute decision-makers are aware of the general composition of the health care team that has access to confidential information;  collecting only information that is needed to provide care;  not discussing client information with colleagues or the client in public places such as elevators, cafeterias and hallways;  accessing information for her/his clients only and not accessing information for which there is no professional purpose; …

 safeguarding the security of computerized, printed or electronically displayed or stored information against theft, loss, unauthorized access or use, disclosure, copying, modification or disposal;  not sharing computer passwords; …

ADMISSIONS OF PROFESSIONAL MISCONDUCT

39. The Member admits that her accesses to the personal health information of [Client S] as well as the other 24 clients identified in the Facility’s audit between March 2014 and January 2015, and as described in paragraphs 20 to 33 above, were without consent, authorization or other professional purpose and constituted a breach of the College’s Practice Standard, Confidentiality and Privacy – Personal Health Information. The Member also admits that this conduct would be regarded by members of the profession as both unprofessional and dishonourable.

40. In particular, the Member admits that she committed the acts of professional misconduct as alleged in paragraphs 1 and 2 of the Notice of Hearing.

Decision

The Panel finds that the Member committed acts of professional misconduct as alleged in paragraphs 1 and 2 of the Notice of Hearing. For paragraph 2, the Panel finds the Member’s conduct would reasonably be regarded by members as dishonourable and unprofessional.

Reasons for Decision

The Panel considered the Agreed Statement of Facts and the Member’s plea and finds that this evidence supports findings of professional misconduct as alleged in the Notice of Hearing.

The Panel found paragraphs #10 - #38 were sufficient to make a finding with respect to allegation #1 in the Notice of Hearing. Specifically, paragraphs 10, 11, 12, 13, 14, 15, 16, 17, 18 and 19 outline the Facility’s “Privacy, Confidentiality and Security” policies. Paragraph #19 indicates the Member’s completion of the Facility’s electronic Privacy and Confidentiality course on 14th October, 2013. Paragraphs 22 through 33 describe the particular incidents of the Member’s access to client records without consent or authorization. The Member admits that she had no reasonable justification for accessing the records because she was not providing professional care, directly or indirectly, to the clients. Paragraphs 34 through 38 offer details of the College’s Practice Standard titled Confidentiality and Privacy—Personal Health Information; published in 2004 and updated in 2009. This Practice Standard specifically references nurses’ responsibilities for “accessing information for her/his clients only and not accessing information for which there is no professional purpose.”

Allegation #2 in the Notice of Hearing is supported by paragraphs 18, 19, 22 through 33 in the Agreed Statement of Facts.

With respect to Allegation #2 the Panel finds the Member’s conduct in accessing 24 client records without authorization or consent was unprofessional; it demonstrated a serious disregard for her professional obligations. The Panel also finds the Member’s conduct was dishonourable. It

demonstrates an element of dishonesty and deceit by accessing client records between 1st November, 2014 and 21st January, 2015.

Penalty

Counsel for the College and the Member advised the Panel that a Joint Submission on Order had been agreed upon. The Joint Submission requests that this Panel make an order as follows.

1. Requiring the Member to appear before the Panel to be reprimanded within three months of the date that this Order becomes final.

2. Directing the Executive Director to suspend the Member’s certificate of registration for two months. This suspension shall take effect from the date that this Order becomes final and shall continue to run without interruption as long as the Member remains in the practising class.

3. Directing the Executive Director to impose the following terms, conditions and limitations on the Member’s certificate of registration:

a) The Member will attend two meetings with a Nursing Expert (the “Expert”), at her own expense and within six months from the date that this Order becomes final. To comply, the Member is required to ensure that:

i. The Expert has expertise in nursing regulation and has been approved by the Director of Professional Conduct (the “Director”) in advance of the meetings;

ii. At least seven days before the first meeting, the Member provides the Expert with a copy of:

1. the Panel’s Order, 2. the Notice of Hearing, 3. the Agreed Statement of Facts, 4. this Joint Submission on Order, and 5. if available, a copy of the Panel’s Decision and Reasons;

iii. Before the first meeting, the Member reviews the following College publications and completes the associated Reflective Questionnaires, online learning modules and online participation forms (where applicable):

1. Professional Standards, 2. Confidentiality and Privacy – Personal Health Information;

iv. Before the first meeting, the Member reviews Circle of Care: Sharing Personal Health Information for Health-Care Purposes, as released by the Information and Privacy Commissioner of Ontario;

v. At least seven days before the first meeting, the Member provides the Expert with a copy of the completed Reflective Questionnaires, and online participation forms;

vi. The subject of the sessions with the Expert will include:

1. the acts or omissions for which the Member was found to have committed professional misconduct, 2. the potential consequences of the misconduct to the Member’s clients, colleagues, profession and self, 3. strategies for preventing the misconduct from recurring, 4. the publications, questionnaires and modules set out above, and 5. the development of a learning plan in collaboration with the Expert;

vii. Within 30 days after the Member has completed the last session, the Member will confirm that the Expert forwards his/her report to the Director, in which the Expert will confirm:

1. the dates the Member attended the sessions, 2. that the Expert received the required documents from the Member, 3. that the Expert reviewed the required documents and subjects with the Member, and 4. the Expert’s assessment of the Member’s insight into her behaviour;

viii. If the Member does not comply with any one or more of the requirements above, the Expert may cancel any session scheduled, even if that results in the Member breaching a term, condition or limitation on her certificate of registration; b) For a period of 12 months from the date the Member returns to the practice of nursing, the Member will notify her employers of the decision. To comply, the Member is required to:

i. Ensure that the Director is notified of the name, address, and telephone number of all employer(s) within 14 days of commencing or resuming employment in any nursing position;

ii. Provide her employer(s) with a copy of:

1. the Panel’s Order, 2. the Notice of Hearing, 3. the Agreed Statement of Facts, 4. this Joint Submission on Order, and 5. a copy of the Panel’s Decision and Reasons, once available;

1. that they received a copy of the required documents, 2. that they agree to notify the Director immediately upon receipt of any information that the Member has breached the standards of practice of the profession, and 3. that they agree to perform two random audits of the Member’s accesses to electronic health records at the following intervals:

a. the first audit shall take place within six months from the date the Member begins or resumes employment with the employer; and b. the second audit shall take place within 12 months from the date the Member begins or resumes employment with the employer.

4. If the random audits referred to in paragraph 3(b)(iii)(3) result in a report to the College under paragraph 3(b)(iii)(2), it will not be considered a breach of this Order, and the information will be considered by the Executive Director of the College as a new employer report.

5. All documents delivered by the Member to the College, the Expert or the employer(s) will be delivered by verifiable method, the proof of which the Member will retain.

Penalty Submissions

Submissions were made by College Counsel and the Member’s Counsel.

The parties agreed that the mitigating factors in this case were: - The Member admitted the misconduct and cooperated throughout the disciplinary proceedings thus avoiding a contested hearing; - The Member attended this hearing on a voluntary basis; - The Member has no prior history of misconduct with the College; - Many of the client accesses were for less than 10 seconds; - There was no disclosure of the personal health information that the Member accessed to other parties; and - The Member is remorseful and apologetic.

The aggravating factors in this case were: - The Member did not understand the seriousness of the offense despite the College and the Facility’s standards and policies; and - Access to personal health information is a privilege and the Member’s conduct resulted in a breach of public trust.

The proposed penalty provides for general deterrence through the two month suspension. By the Member’s admission, there is no justification or professional purpose for the accesses despite the employment and professional opportunities for the Member to understand her restrictions and responsibilities related to accessing clients’ personal health information. The suspension conveys to the Member and the profession the seriousness of this breach of public trust and confidence that unauthorized access of client records represents.

The proposed penalty provides for specific deterrence through the oral reprimand, suspension and terms, conditions and limitations including employer notification.

The proposed penalty provides for remediation and rehabilitation through terms, conditions and limitations, specifically meeting with a Nurse Expert.

Overall, the public is protected because: - The Member has been provided a remedial opportunity to fully discuss and reflect on her misconduct within the PHIPA legislation and clearly designated College Practice Standard; - For a period of 12 months upon the Member’s return to practice, her employer will have monitoring obligations; - The seriousness of unauthorized access of client health information will be conveyed to the profession.

Counsel submitted cases to the Panel to demonstrate that the proposed penalty fell within the range of similar cases from this Discipline Committee. CNO v. Calvano (Discipline Committee, 2015) is a recent case whereby five other relevant cases of unauthorized access were referenced. CNO v Oliveira (Discipline Committee, 2015) is another case of unauthorized access to clients’ personal health information by a Member. The terms, conditions and limitations proposed in the Joint Submission currently before the Panel replicate and build on the findings from the cases referenced. The terms of suspension in unauthorized access cases range from two months to five months. The proposed two- month suspension for this Member was based on unauthorized client access over a period of three months.

Penalty Decision

The Panel accepts the Joint Submission as to Order and accordingly orders:

1. The Member is required to appear before the Panel to be reprimanded within three months of the date that this Order becomes final.

2. The Executive Director is directed to suspend the Member’s certificate of registration for two months. This suspension shall take effect from the date that this Order becomes final and shall continue to run without interruption as long as the Member remains in the practising class.

3. The Executive Director is directed to impose the following terms, conditions and limitations on the Member’s certificate of registration: