Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
KAISER FOUNDATION HOSPITAL - RIVERSIDE
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on June 13, 2014. Also cited in 25 other reports.
Report ID: 4X3Y11, California Department of Public Health
Reported Entity: KAISER FOUNDATION HOSPITAL, RIVERSIDE
Issue:
Based on interview and record review, the facility failed to prevent the unauthorized disclosure of Patient A's private health information (PHI), when the Billing Department inadvertently gave Patient A's credit card receipt and hospital account billing number to Patient B. This had the potential to result in the misuse of Patient A's private health information.Findings:On June 13, 2014, at 2:10 p.m., an investigation was conducted on this entity reported incident. On June 13, 2014, at 2:10 p.m., the facility Director of Accreditation, Regulations and Licensing was interviewed (DARL). The DARL stated, "On May 30, 2014, an unauthorized disclosure of Patient A's information was given to Patient B. The PHI included a credit card receipt containing Resident A's last four digits of her credit card, the name of the credit card, the hospital billing statement with the amount paid, the medical record number and Patient A's name and signature."On June 12, 2014, a record review was conducted of a letter dated, June 12, 2014, and addressed to Patient A. This letter was sent by the facility to Patient A and indicated, "The following information was available for viewing:On the Hospital Conditions of Admission: your name and medical record number.On the copy of the credit card transaction receipt: your name, type of credit card used and the last four digits on the credit card."A review of the facility breach log was conducted on June 16, 2013, at 9 a.m. The form titled, "Admitting Department," indicated, "Patient B discovered paperwork with her belongings. The patient presented (the paperwork) to Membership Services office and submitted the copies to the Health Plan Representative, explaining she received (the wrong copies) at time of discharge."On June 16, 2014, at 9 a.m., a concurrent interview was conducted with the Admitting Supervisor (AS). The AS stated, "There may have been two people involved with the mix-up the admission clerk, transport person, and the unit in which the admission paperwork was given...Neither patient's have any information on each other at this point."
Outcome:
Deficiency cited by the California Department of Public Health: Health & Safety Code 1280