Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
Scripps Mercy Hospital
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on April 24, 2014. Also cited in 72 other reports.
Report ID: 1JW111.01, California Department of Public Health
Reported Entity: SCRIPPS MERCY HOSPITAL
Issue:
Based on interview and record review the facility failed to maintain patient rights for 1 of 2 sampled patients (1). Patient 1's personal and medical information was inadvertently disclosed to an un-authorized party. This deficient practice violated the patient's right to privacy and confidentiality.Findings: Patient 1 was admitted to the facility on 2/15/14 per the facility Inpatient Facesheet form.During an interview and joint review on 4/24/14 at 1:00 P.M., the PRC stated that Patient 1's electronic medical record "screen shot", entitled Chart Medications, had been inadvertently commingled with the hospital discharge instruction forms of another discharge patient (Patient 2). The Patient Relations Coordinator (PRC) stated that a facility home health therapist had discovered the copy of Patient 1's medical record form, during Patient 2's home visit, 3 days after patient 2's discharge from the hospital. The PRC stated that the Patient 1's name, medical record number, date of birth, and medication list were included on the "screen shot" form. The PRC stated that the facility nursing staff, had not recognized that a portion of Patient 1's medical had been commingled with Patient 2's discharge instructions. A review of the facility policy and procedure, entitled Confidentiality of Information (Patient, Financial, Employee, and Other Sensitive and Proprietary Information) included "It is the responsibility of every [facility] employee...having access to [facility] information to follow all of [facility] policies and to safeguard Confidential Information." "Safeguarding of Information-confidential information collected and /or generated within [facility] shall be maintained in a manner designed to restrict access to those individuals with a legitimate need to the know the information." During an interview with the PRC on 4/24/14 at 1:30 P.M., the PRC acknowledged that Patient 1's confidential medical record information had been disclosed un-necessarily to a third party. The PRC further acknowledged that Patient 1's medical record had not been maintained a manner that ensured the patient's right to privacy and confidentiality.
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights