Disclosed under the Official Information Act, other 2015 breaches included:an employee who viewed a family member's test results; an employee who mistakenly sent patient information to the wrong GP; an employee who sent patient information to a third party; an employee who told their partner a family member was in hospital.
The board has not disclosed the departments involved, nor the case outcomes, although the cases included a dismissal and final written warnings.
The OIA response does not mention a breach in January when surgery details of 60 patients were mistakenly emailed to someone.
When the incident was publicised, staff were reminded to take more care.
Chief executive Carole Heatly said that breach was not included as it was unusual and had not sparked a human resources investigation.
Ms Heatly said the board's privacy group met regularly to discuss training, policies and procedures around privacy and ''breach management''.
''The SDHB is proactive in this sphere with both staff training and awareness raising.''
University of Otago health system authority Prof Robin Gauld said when contacted the growing use of electronic health records meant staff who broke the rules were more likely to be caught.
''When you had rooms full of paper-based patient records, anyone could put on a white coat and just wander in and start looking at those records, and probably take an armload of them out with them without any questions being raised.''
Prof Gauld said the move to electronic records was likely to have brought about a change of attitude and culture among health staff.
''For members of the public, when they hear about people in the DHB having breached patient privacy, these are not new issues.
''It might just be that in the IT world that we live in now, there is much more exposure. An alert goes off when someone accesses a record who does not have authority to do so.''
However, simple technology mistakes - rather than malicious intent - account for many of the health-related complaints to the Privacy Commissioner, a spokesman said.
''About 16% of the complaints made to the Privacy Commissioner are health sector related. A large majority of these involve data breaches, usually caused by human error from using email to send attachments (generally Excel spreadsheets).
''Other types of data breaches we see in the health sector have been through the use of recycled paper which had patient information on the reverse side, accidental loss or theft of health practitioners' or case manager notes, and through the physical transfer of records from one health agency to another,'' the spokesman said.
