Final answer:
To prevent employees from snooping through Electronic Health Records (EHR), Role-based Access Controls (RBAC) should be implemented, ensuring access to patient information is limited to what is necessary for an employee's role and thereby protecting patient privacy.
Step-by-step explanation:
An employee snooping through the Electronic Health Records (EHR) for information about neighbors and friends represents a significant privacy concern and a breach of security protocols. To minimize such breaches, the security mechanism that should have been implemented is Role-based Access Controls (RBAC). RBAC would ensure that employees are only able to access the minimum necessary information required to perform their job functions. Consequently, this would greatly reduce the potential for employees to access sensitive information without legitimate reasons.
Considering the threat of large-scale data breaches in various sectors, the implementation of RBAC becomes a critical component in protecting patient privacy and ensuring compliance with legal mandates such as the Health Insurance Portability and Accountability Act (HIPAA). By assigning users to roles based on their responsibilities and limiting their access to information that pertains only to those roles, unauthorized browsing of sensitive records like EHR can be significantly curbed.