Report: Eastern Health employee fired for accessing Nevaeh Denine’s medical records

Tara Bradbury
Send to a friend

Send this article to a friend.

Mother called after health authority investigated privacy breach

With her daughter undergoing chemo treatments for cancer, it’s understandable that Holly Denine’s heart jumps up in her throat every time her phone rings and a 777 number appears.

Nevaeh Denine - Facebook photo

This morning, it happened — but it wasn’t bad news about the health of six-year-old Nevaeh. Eastern Health managers were calling to let Holly know one of their employees had been fired after an internal investigation, for accessing Nevaeh’s medical files unlawfully.

Nevaeh is well-known in the media: diagnosed with a rare form of cancer at age four, she established a successful lemonade stand to raise money for other families dealing with pediatric cancer. In two years, her venture has raised more than $62,000.

Nevaeh is now being treated again, and at the time her medical files were accessed late last month she was an in-patient at the Janeway receiving chemo.

“I know Nevaeh is in out in the public with her lemonade stand and all that, but I have never once portrayed her as a victim. It’s always been positive, thumbs-up, look how well she is doing. To think someone would invade her privacy like that upsets me. I’m really in shock. I don’t know what the person was hoping to achieve.”

Holly said Eastern Health managers informed her someone had gone through Nevaeh’s test results. It was red-flagged to the health authority right away, and after an investigation, was traced to someone who had no reason to be accessing the little girl’s medical information. Holly said she was told the employee was fired as of Wednesday.

When contacted by The Telegram for comment, an Eastern Health spokeswoman said a media release would be issued this afternoon.

Holly said what bothers her the most is whoever went through Nevaeh’s private information likely knows things her own family members don’t necessarily know.

“I don’t even let the doctors speak to me unless I’m alone,” Holly said. “There are things I don’t always share with all our family because I don’t want to worry them.”

Eastern Health has not given Holly the name of the person they terminated.

“Was this someone I know? Was it a stranger? I don’t know which is worse,” Holly said. “Not that knowing the name really changes anything.”

Holly said she doesn’t blame Eastern Health at all and is satisfied with the actions taken by the health authority.

“They did everything right,” she said.

Neveah is home from hospital now, but due to start her next round of chemo March 21. Holly said her health already seems as if it’s improving, and she’s as positive as ever.


Eastern Health has confirmed a clerk based in St. John's has been fired for accessing the health information of 25 patients.

The health authority says it is in the procees of contacting the patients affected. The privacy breach occurred over several months, and was discovered in late February as a result of a random audit conducted within the former employee's department.

"Eastern Health has a zero tolerance for any deliberate breach of patient privacy and/or the organization's privacy and confidentiality policies," said Eastern Health president and CEO David Diamond in a media release. "It is very disturbing when these breaches occur, given Eastern Health's clearly-stated and reinforced position on willful breaches; however, we assure the people serve that we assign top priority to our responsibility as a custodian of personal health information."

"On behalf of Eastern Health, I want to publicly apologize to the patients whose privacy has been breached," said Debbie Molloy, vice-president responsible for privacy. Twitter: @tara_bradbury

Geographic location: Eastern Health

  • 1
  • 2
  • 3
  • 4
  • 5

Thanks for voting!

Top of page



Recent comments

  • abby
    March 11, 2016 - 08:03

    How does one know if their files have been looked through? We hear of it quite often.

    • Beverley
      March 11, 2016 - 11:22

      The I T dept at these facilities do random checks. Hats off to Eastern Health for "0" tolerance!!

  • Karen
    March 10, 2016 - 23:12

    What would be the purpose of gaining medical information about this child's medical history? Shame on whoever done this!p, the family has enough to worry about!

  • Molly
    March 10, 2016 - 21:05

    This is very sad and disgusting ! Holly you are an extremly professional and articulate lady. I agree you have a right to know who accessed little nevaeh's personal information . Usually have to complete an access to information request (ATIP) form. This will allow you access to the file including the keratin who accessed it. Your little princess is an inspiration to many including myself as an adult. I wish you and your family all the best in your latest challenges . Hugs ❤️

  • Herb
    March 10, 2016 - 19:14

    Isn't this a IT problem? Really If this person as no reason to access this medical file. Then protocol protection should be in place to prevent this. What's so hard about this. Are u telling me a maintenance or food service worker or human resources worker at health science centre can access a medical patient s private file when they sign in on East health computer. What going on here. The real story. Like that nurse fired out east. I heard will sendSoon be back on job. Why or how could she access people's files. That nothing to do with her work. Nobody on East coast NL ever heard electronic computer security or software engineering. What a joke. NOT

    • James
      March 13, 2016 - 10:31

      Herb - employees in Maintenance, Food Services , Human Resources, etc do not have access to patients electronic health record. This access is limited to certain employees, docs, nurses, LPN's, etc and even these employees have to have a reason to access a particular patient's file. In this case the employee had access but looked at files for patients not in their circle of care.

  • Chebucto
    March 10, 2016 - 18:17

    Unreal - and really speaks to the integrity of some public sector workers.

    • Randy
      March 11, 2016 - 12:00

      So, why does "public sector workers" cause you such anger, and animosity, bitterness ,aren't they just "people", like you?? (Well, hopefully not,,),,I guess "private sector worker" is your nom-de-plume...

  • Douglas Whelan
    March 10, 2016 - 17:33

    Let's let the system work. A person is innocent until proven guilty. The incident is bad, but let them make sure they have the proper culprit. An associate of mine was accused of accessing accounts at a bank because of a computer trail. It was discovered later that someone was signing in with her ID.

  • Scotty
    March 10, 2016 - 16:15

    The persons name should be given to those who this employee creeped. The employee had no regard for the patient file privacy, why should the employee have a right to privacy. Fired is the first step, should be prosecution for these breaches of privacy. This employee was very busy minding other peoples business. Should be a crime!

  • Cathy
    March 10, 2016 - 16:03

    This person has lost their job, this should be enough punishment.

  • rose
    March 10, 2016 - 16:00

    this makes me sick to my stomach,,,,poor child is going through enough,now to invade her privacy,,,,this person should be named and shamed!!! to think we have such a low life,,invading a childs private records,,,whats next!! i sure hope she or he gets punished for this act,,its awful

  • Achieve?
    March 10, 2016 - 15:27

    "I don’t know what the person was hoping to achieve." We may appoint someone to lead a healing circle so we can have closure here that courts and suits cannot provide? Is this former HealthCare clerk a compulsive gossip-fodder collector, working for some less than scrupulous data miner, just nosey, nosey and stunned, or, working for Insurance industry? MANY questions on this one. Could be gathering material for a book about cancer. Who knows. "Eastern Health has not given Holly the name of the person they terminated." You can't even get the name of the person who tries to run you off the road from the RNC. This is what a passive-aggressive society does. Time to be Newfoundlanders again. The snooper should be required to publish an open letter to the community? That could clear things up?

    • Fran
      March 10, 2016 - 18:14

      I agree..this snooper should be required to publish an open letter to the community and a letter of apology to both Holly and Nevaeh. She should never be aloud to work in any other medical institution.

    • steve
      March 11, 2016 - 06:22

      You needing to know who this person was would seem to make you look just as nosey don,t you think? This as nothing to do with you only the family involved . The person has been rightfully fired and EH should not hide any information from the people involved but his or her name is none of your or my business.

  • Tina
    March 10, 2016 - 15:16

    I hope she has to go to court for this. To be looking at a child's file . That is outrages.

  • Disgusted!!!
    March 10, 2016 - 15:10

    Eastern Health certainly did the right thing by firing this nosy person. I really do believe that persons name should be disclosed to the family. Whoever the person is did commit a crime invading someone's privacy. That family are dealing with a lot of pain and anguish . I hope little Naveah will do well and grow up to be a beautiful healthy young lady. Prayers and blessings to her and her family.

  • Ed
    March 10, 2016 - 14:50

    Give the family the name of the person who improperly accessed Nevaeh Denine’s medical records and let the family sue whoever it was if they wish to do that. This person does not deserve anonymity.

    • Sharon
      March 10, 2016 - 17:31

      I agree totally the name of the person should not be kept secret. Why is it that their name is being protected ? The child in question had no privacy rights where the individual in question was concerned but yet their name is with held ! That is totally crazy ! But in most cases in a situation such as this, the guilty is always protected. So sorry for the invasion of this child's privacy.