As part of its investigation into a privacy breach at Charlottetown's Queen Elizabeth Hospital, Health PEI will be looking at which health care providers can access which medical charts.

On Wednesday Health PEI said it had discovered that an employee had, over the course of three years, been inappropriately reading the records of patients. Health PEI said a total of 353 files were accessed.

The breach was discovered two weeks ago. Following a week-long investigation the woman was confronted with the evidence, and her employment was terminated.

Denise Lewis Fleming, acting CEO, Health PEI

Roles-based access to files will be part of the review, says Denise Lewis Fleming. (CBC)

Acting Health PEI CEO Denise Lewis Fleming said the agency will conduct a review of what happened, and that review will include reconsidering who can see what in private health information files.

"We will be reviewing our policies and processes, including the acceptable use of clinical charts policy and roles-based access," said Lewis Fleming, in a statement to CBC News.

P.E.I.'s Health Information Act, which came into effect in July, specifies employees should not necessarily be able to access all of a patient's file.

"A custodian shall limit the use of personal health information it maintains to those employees and agents of the custodian who need to know the personal health information to carry out the purpose  for which the personal health  information was collected," reads section 22 of the act.

"Every use by a custodian of personal health information shall be limited to the minimum amount of personal health  information necessary."

All of the patients whose files were viewed have been sent a letter about the incident. The provincial privacy commissioner and the police have also been notified.

With files from Donna Allen