Search Privacy Violations, Breaches and Complaints
This database was last updated in December 2015 ago and should only be used as a historical snapshot. More recent data on breaches affecting 500 or more people is available at the U.S. Department of Health and Human Services’ Breach Portal.
MILLS-PENINSULA MEDICAL CENTER
Cited by the California Department of Public Health for a violation of California’s Health and Safety Code relating to medical privacy during an inspection that began on August 1, 2014. Also cited in 6 other reports.
Report ID: FPXN11, California Department of Public Health
Reported Entity: MILLS-PENINSULA MEDICAL CENTER
Issue:
Based on interview and record review, the facility failed to protect the confidential information of patients when:Findings:1. CA00402484 During an interview on 8/8/14 at 1:40 PM, the hospital's Privacy Officer stated a Health Information Management (HIM) employee sent copy of medical records to wrong legal firm. The Privacy Officer stated the staff did not verify the patient's information before sending the medical records. The Privacy Officer stated the breach was reported to the facility on 6/11/14. Review of the 169 pages of medical records sent to the legal firm indicated the following protected health information: patient's name, date of birth, medical record number, procedures done and medical information. Patient was notified of this breach of medical information by letter dated 6/17/14.CDPH was notified of this breach of medical information by fax on 6/17/14.2. CA00404192 During an interview on 8/8/14 at 2:00 PM, the hospital's Privacy Officer stated a staff handed an endoscopy photograph to the wrong patient. The Privacy Officer stated the staff did not verify the patient's information before handing the photographs to the patient. The Privacy Officer stated the breach was reported to the facility on 6/26/14. Patient was notified of this breach of medical information by letter dated 7/2/14.CDPH was notified of this breach of medical information by fax on 7/2/14.3. CA00405588During an interview on 8/8/14 at 2:15 PM, the hospital's Privacy Officer stated an office clerk volunteer in the Women Center sent a mammography result to a wrong patient. The Privacy Officer stated the staff did not verify the patient's information before putting the result in an envelope. The Privacy Officer stated the breach was reported to the facility on 7/9/14. Review of the mammography result indicated the following protected health information: patient's name, medical record number, procedure done and medical information about the visit.Patient was notified of this breach of medical information by letter dated 7/14/14.CDPH was notified of this breach of medical information by fax on 7/15/14.4. CA00404655During an interview on 8/8/14 at 2:30 PM, the hospital's Privacy Officer stated an autofax error occurred because the physician's information was not updated in the electronic health system. The intended recipient (physician) no longer worked at the clinic and another physician received the biopsy result. The Privacy Officer stated the breach was reported to the facility on 6/30/14. Review of the mammography biopsy result dated 6/25/14, indicated the following protected health information: patient's name, date of birth, medical record number, procedure done and medical information about the visit.Patient was notified of this breach of medical information by letter dated 7/7/14.CDPH was notified of this breach of medical information by fax on 7/8/14.5. CA00404980 During an interview on 8/8/14 at 2:40 PM, the hospital's Privacy Officer stated a staff handed a discharge paperwork to the wrong patient. The Privacy Officer stated the staff did not verify the patient's information before handing the discharge documents to the patient. The Privacy Officer stated the breach was reported to the facility on 7/2/14. Review of the discharge documents dated 6/25/14, indicated the following protected health information: patient's name, date of birth, medical record number and medical information about the visit.Patient was notified of this breach of medical information by letter dated 7/9/14.CDPH was notified of this breach of medical information by fax on 7/10/14.6. CA00404976During an interview on 8/8/14 at 2:45 PM, the hospital's Privacy Officer stated a staff handed a discharge instructions to the wrong patient. The Privacy Officer stated the staff did not verify the patient's information before handing the discharge documents to the patient. The Privacy Officer stated the breach was reported to the facility on 7/2/14. Review of the discharge documents dated 6/24/14, indicated the following protected health information: patient's name, date of birth, address, medical record number and medical information about the visit.Patient was notified of this breach of medical information by letter dated 7/9/14.CDPH was notified of this breach of medical information by fax on 7/10/14.
Outcome:
Deficiency cited by the California Department of Public Health: Patients' Rights