VALLEY CHILDREN'S HOSPITAL

Report ID: FA3F11.01, California Department of Public Health

Reported Entity: CHILDRENS HOSPITAL CENTRAL CALIFORNIA

Issue:

Based on staff interview, clinical record review, and administrative document review, the hospital failed to keep Protected Health Information (PHI) confidential when Patient 1's Discharge Summary was stapled to Patient 2's Discharge Summary and then given to Patient 2.This failure resulted in unauthorized access to the Patient 1's PHI and the potential for abuse of that information.Findings:Refer to: CA00403049.On 6/30/14 at 10:20 a.m., during an interview, the Accreditation Coordinator/Privacy Officer stated on 6/16/14 the Parent of Patient 2 identified Patient 1's Discharge Summary stapled to Patient 2's Discharge Summary. Privacy Officer stated the discharge Nurse should have verified the Patient's names on the discharge summaries with the patient prior to giving it Patient 2.Patient 1's PHI breached included name, date of birth, medical record number, account number, and health information.The hospital's policy and procedure number PR-1033, titled, "PHI, Use and Disclosure," dated 12/10, indicated: "...[Hospital] and its employees are committed to protect the privacy of patients' health information and to comply with applicable federal and state laws that protect the privacy and security of patients' health information." The hospital's policy and procedure number PR-1016, titled "Confidentiality," dated 8/11, contained the following documentation: "...[Hospital] will maintain adequate administrative, technical and physical safeguards to protect the privacy of confidential information from unauthorized use or disclosure, whether intentional or unintentional..."

Outcome:

Deficiency cited by the California Department of Public Health: Patients' Rights

Related Reports:

1 other violation reported on the same date. Note that other citations may be about the same event: GHXE11.01