STANFORD HOSPITAL

Issue: Based on interview and record review, the hospital failed to prevent the unauthorized disclosure of protected health information (PHI) for one patient (1), when a staff member intentionally accessed the electronic medical record of Patient 1 without a business related…

Outcome: Fine imposed and deficiency cited by the California Department of Public Health: Health & Safety Code 1280

Issue: Based on observation, interview, and record review, the hospital failed to provide full consideration of privacy concerning the medical care program for patients. Vendor A (a person who sells medical equipment to the hospital for use by patients) was authorized…

Outcome: Deficiency cited by the California Department of Public Health: Patients' Rights

Issue: Based on interview and record review the hospital failed to protect the right for confidential medical treatment for two of two sampled patients (1, 2). Findings:On 12/7/12, the California Department of Public Health received a faxed report from the hospital…

Outcome: Fine imposed and deficiency cited by the California Department of Public Health: Health & Safety Code 1280

Issue: Based on interview and record review, the hospital failed to prevent unauthorized access to one patient's (Patient 1) medical information. Findings:On 5/22/13, the California Department of Public Health received a faxed report from the hospital chief privacy officer which indicated…

Outcome: Fine imposed and deficiency cited by the California Department of Public Health: Health & Safety Code 1280

Issue: Based on interview and record review the hospital failed to protect the right for confidential medical treatment for two of two sampled patients (1, 2). Findings:On 1/3/13 at 1 p.m. during an interview with the privacy officer, she stated Patient…

Outcome: Deficiency cited by the California Department of Public Health: Patients' Rights

Issue: Based on interview and record review, the hospital failed to provide confidential medical treatment for approximately 94 patients. Findings:On 10/22/12 at 9:45 a.m. during an entity reported incident investigation, the hospital's privacy assurance specialist (Staff A) stated that on 7/31/12…

Outcome: Deficiency cited by the California Department of Public Health: Patients' Rights

Issue: Impermissible Uses and Disclosures, Safeguards

Outcome: Technical assistance provided

Issue: Based on interview and record review, the hospital failed to protect the right for confidential medical treatment for one of two sampled patients (1). Findings:On 9/6/12 at 10:45 a.m. during an interview with the hospital's privacy director, she stated on…

Outcome: Deficiency cited by the California Department of Public Health: Patients' Rights

Issue: Based on documentation and interview, hospital staff failed to implement a patient's right to privacy by discussing medical information without consent to a patient with a visitor present.Findings:In an interview on 8/9/12, the privacy officer stated on 4/25/12 she received…

Outcome: Deficiency cited by the California Department of Public Health: Patients' Rights

Issue: Theft of Desktop Computer

Outcome: Data not available.