Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
VALLEY CHILDREN'S HOSPITAL
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on July 28, 2014. Also cited in 40 other reports.
Report ID: RJPO11.01, California Department of Public Health
Reported Entity: CHILDRENS HOSPITAL CENTRAL CALIFORNIA
Issue:
Based on staff interview, clinical record and administrative document review, the hospital failed to keep Protected Health Information (PHI) confidential when Patient 1's lab report was mailed to the wrong Patient's family. This failure placed Patient 1's PHI at a potential risk for unauthorized use.Findings:On 7/25/14 at 2:30 p.m., during an interview, Privacy Officer (PO) stated hospital staff mailed Patient 1's lab cultures results to another patient's family. The other patient's family contacted the charge nurse of the Emergency Room and notified her of the error. The error occurred when staff failed to match the patient envelope and letter to the follow-up log at the time of mailing.Patient 1's PHI which breached included: Name, date of birth, date of service, medical record number, account number, culture results, home address and phone number. The facility policy and procedure number PR-1033, titled "PHI, Use and Disclosure", dated 2/14, indicated "...[Hospital] and its employees are committed to protect the privacy of patients' health information and to comply with applicable federal and state laws that protect the privacy and security of patients' health information."
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights