Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
SUTTER COAST HOSPITAL
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on November 30, 2011. Also cited in 58 other reports.
Report ID: 98XJ11, California Department of Public Health
Reported Entity: SUTTER COAST HOSPITAL
Issue:
Based on interview and document review, the facility failed to protect unauthorized access and disclosure of a patient's (Patient 1) protected, confidential health information, when the patient's laboratory results were given to someone other than the patient. This failure was a violation of the patient's right to privacy.Findings:During an interview on 11/30/11, at 10:20 a.m., the Privacy Officer confirmed that Patient 1's completed "Verification of Pregnancy" form was given to Patient 1's husband and not to Patient 1. He confirmed the information which was released.A review of the documentation provided by the facility revealed that the document template for the information disclosed included blank spaces for the "Date", the patient's name, the "EDC" (Estimated Date of Confinement), a section for "Comments", and "Signature".The Privacy Officer reported that the staff member who released the information to the patient's husband knew the patient was waiting for the results. The staff member was not aware the information contained on the form constituted a breach.
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280